10.09.2015, 12:02 | #1 |
Suspicious behaviour on Win7 PC, slow and an unmistakable text message

Dear experts,

could you please check my Windows 7 system for a possible infection with a trojan or virus? It has been behaving strangely for some time: the system, especially the browsers, has become slower; the idle state (screen dimming) is cancelled by itself; today I had difficulty typing something into the search field of a website because the browser kept refreshing. When I gave up, the unmistakable characters ^^ appeared, and I don't know whether I caused that myself or whether someone is playing a joke on me. I scanned with Kaspersky and Malwarebytes. No result (clean). I am pasting the FRST log with addition.txt below. Thanks!

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-09-2015 durchgeführt von ***** (Administrator) auf THINK (10-09-2015 12:53:27) Gestartet von C:\Users\*****\Downloads Geladene Profile: ***** (Verfügbare Profile: *****) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe (Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Spotify Ltd) C:\Users\*****\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Dropbox, Inc.) C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (SunplusIT, Inc.) C:\Program Files (x86)\Integrated Camera\Monitor.exe (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPUIManager.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (RStudio, Inc.) 
C:\Program Files\RStudio\bin\rstudio.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE (Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe (Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe (Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe (Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe (Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe (RStudio, Inc.) C:\Program Files\RStudio\bin\x64\rsession.exe () C:\Program Files (x86)\TeXstudio\texstudio.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe (Hola Networks Ltd.) C:\Users\*****\AppData\Local\Hola\local\app\hola_updater.exe (Hola Networks Ltd.) C:\Users\*****\AppData\Local\Hola\local\app\hola_svc.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe (Farbar) C:\Users\*****\Downloads\FRST64(5).exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-13] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2014-07-28] (Synaptics Incorporated) HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63728 2015-06-08] (Lenovo) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-07-18] (Intel Corporation) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [132920 2013-05-30] (Intel Corporation) HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-06-19] (Intel Corporation) HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.) HKLM-x32\...\Run: [Lenovo App Shop] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-06-19] (Intel Corporation) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1719456 2013-12-10] (SunplusIT, Inc.) HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.) 
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [Spotify Web Helper] => C:\Users\*****\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2022968 2015-05-12] (Spotify Ltd) HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [Google Update] => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.) HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit) HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [Dropbox Update] => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.) HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [hola] => C:\Users\*****\AppData\Local\Hola\local\app\hola.exe [2032256 2015-09-10] (Hola Networks Ltd.) Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll ShellIconOverlayIdentifiers: [CeDesktopIntegration] -> {3CEC3E6D-ECF2-4B49-8A41-3B16DF8B9C3F} => Keine Datei ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => Keine Datei ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => Keine Datei ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => Keine Datei ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => Keine Datei ShellIconOverlayIdentifiers-x32: 
[DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-06-05] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-06-26] ShortcutTarget: Dropbox.lnk -> C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) 
Tcpip\Parameters: [DhcpNameServer] 62.179.104.196 213.46.228.196 192.168.192.1 Tcpip\..\Interfaces\{377520F3-E7C7-403B-997E-42BDEC38E4BC}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{6E5C7DA5-A581-4A8E-B3A9-7B58FA045ADB}: [DhcpNameServer] 192.168.16.2 141.211.32.6 Tcpip\..\Interfaces\{8A21F8CE-5324-4563-A4A5-D47CF1CBA83B}: [DhcpNameServer] 172.168.111.2 Tcpip\..\Interfaces\{B524442D-7D83-4ED0-A93C-096812422175}: [DhcpNameServer] 62.179.104.196 213.46.228.196 192.168.192.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad SearchScopes: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000 -> {417735E5-3C9D-89A4-A0EC-2BA9A2D311CA} URL = SearchScopes: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-04-23] 
(IObit) BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-01-21] (Kaspersky Lab ZAO) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-17] (Kaspersky Lab ZAO) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-01-21] (Kaspersky Lab ZAO) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2012-04-19] (Symantec Corporation) BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-02-18] (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-01-21] (Kaspersky Lab ZAO) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft 
Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-17] (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-17] (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-01-21] (Kaspersky Lab ZAO) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit) BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2012-04-19] (Symantec Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-17] (Oracle Corporation) BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-02-18] (Kaspersky Lab ZAO) Toolbar: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei DPF: HKLM-x32 
{1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_IKEA_Win32.cab DPF: HKLM-x32 {538793D5-659C-4639-A56C-A179AD87ED44} hxxps://*****/CACHE/stc/20/binaries/vpnweb.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\n12tz17e.default-1421155951383 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-17] () FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @ABNAMRO/BECON,version=1.00 -> C:\Program Files (x86)\ABN AMRO e.dentifier2\Mozilla\npBECON.dll [2011-07-07] (ABN AMRO) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-17] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-13] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-13] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-17] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-17] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: 
@Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll [2012-05-23] ( ) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @hola.org/FlashPlayer -> C:\Users\*****\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2015-09-10] () FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @hola.org/vlc -> C:\Users\*****\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2015-09-10] (Hola) FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\*****\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1312180-0-npoctoshape.dll [2013-12-18] (Octoshape ApS) FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\*****\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google) FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @talk.google.com/O1DPlugin -> C:\Users\*****\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google) FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @tools.google.com/Google Update;version=3 -> C:\Users\*****\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.) FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @tools.google.com/Google Update;version=9 -> C:\Users\*****\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.) FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: google.com/WidevineMediaOptimizer -> C:\Users\*****\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll [2014-06-09] (Google Inc.) FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [2013-06-19] (Intel) FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [2013-06-19] (Intel) FF user.js: detected! 
=> C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1480473739-3576749651-3455334848-1000\FireFox\user.js [2015-04-23] FF user.js: detected! => C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\n12tz17e.default-1421155951383\user.js [2015-04-23] FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2014-05-15] (Octoshape ApS) FF Extension: Advanced SystemCare Surfing Protection - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\n12tz17e.default-1421155951383\Extensions\iobitascsurfingprotection@iobit.com [2015-06-23] FF Extension: Hola Better Internet - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\n12tz17e.default-1421155951383\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2015-09-09] FF Extension: Zotero - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\n12tz17e.default-1421155951383\Extensions\zotero@chnm.gmu.edu.xpi [2015-03-07] FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2013-06-05] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-01-21] FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - 
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-01-21] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-01-21] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-01-21] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-01-21] FF HKLM-x32\...\Firefox\Extensions: [VIP4X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client Chrome: ======= CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Kaspersky URL Advisor) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-07-27] CHR Extension: (Safe Money) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2013-07-27] CHR Extension: (Virtual Keyboard) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-07-27] CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\*****\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp [2013-07-26] CHR Extension: (Anti-Banner) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2013-07-27] CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 AdobeActiveFileMonitor12.0; C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated) R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [821024 2015-08-05] (IObit) R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO) S2 CAMService; C:\Program Files\Intel\CAM\bin\CAMService.exe [1243344 2014-09-03] (Intel® Corporation) S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2013-06-26] (Lenovo.) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-05-30] (Intel Corporation) R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [179568 2012-06-01] (Lenovo Group Limited) R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [115184 2014-07-08] (Lenovo Group Limited) S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-17] (IObit) R2 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [20984 2013-10-18] (Lenovo) S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272424 2015-08-17] (Lenovo) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-10-29] () R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 
2012-05-23] (Nitro PDF Software) S2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [59440 2013-12-16] (Lenovo Group Limited) R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [319024 2013-12-16] (Lenovo Group Limited) S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22008 2015-07-01] () R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-19] (Symantec Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [689560 2012-10-18] (Ericsson AB) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3818704 2014-10-29] (Intel® Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170200 2013-03-27] (Broadcom Corporation.) 
S3 e.dentifier2; C:\Windows\System32\DRIVERS\aabed2.sys [28672 2008-03-20] (Todos Data System AB) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB) R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB) S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [39504 2013-04-11] (ThreatTrack Security) R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-08-31] (GFI Software) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-06-04] (REALiX(tm)) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-16] (Intel Corporation) R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] () R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-01-21] (Kaspersky Lab ZAO) S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-24] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-03-24] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-01-21] (Kaspersky Lab ZAO) R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [103184 2012-03-01] (Ericsson AB) R3 l36wscard; C:\Windows\System32\DRIVERS\l36wscard.sys [61992 2011-01-14] (Ericsson AB) S3 LenLan; C:\Windows\System32\DRIVERS\LenLan.sys [98816 2012-05-29] (Lenovo Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; 
C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [443208 2012-10-02] (MCCI Corporation) R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [453960 2012-10-02] (MCCI Corporation) R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [21832 2012-10-02] (MCCI Corporation) R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [506184 2012-10-02] (MCCI Corporation) R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated) R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1514144 2013-12-10] (Sunplus) U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2012-12-05] (Seiko Epson Corporation) R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.) R3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-07] (ThinkVantage Communications Utility) S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation) S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-12-13] (Cisco Systems, Inc.) R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [281840 2013-02-19] (Ericsson AB) S3 ALSysIO; \??\C:\Users\*****\AppData\Local\Temp\ALSysIO64.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 cpuz137; \??\C:\Users\*****\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X] S2 smihlp2; \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-10 12:53 - 2015-09-10 12:53 - 00048535 _____ C:\Users\*****\Desktop\FRST.txt 2015-09-10 12:51 - 2015-09-10 12:51 - 02190336 _____ (Farbar) C:\Users\*****\Downloads\FRST64(5).exe 2015-09-10 12:45 - 2015-09-10 12:45 - 00001254 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hola.lnk 2015-09-10 12:45 - 2015-09-10 12:45 - 00000000 ____D C:\Users\*****\AppData\Roaming\Hola 2015-09-08 22:32 - 2015-09-10 12:49 - 00000671 _____ C:\Windows\setupact.log 2015-09-08 22:32 - 2015-09-08 22:32 - 00000000 _____ C:\Windows\setuperr.log 2015-09-08 10:11 - 2015-09-08 10:11 - 48491296 _____ (IObit) C:\Users\*****\Downloads\advanced-systemcare-setup(1).exe 2015-09-07 20:37 - 2015-09-07 20:37 - 00000000 ____D C:\Users\*****\AppData\Local\pip 2015-09-07 20:37 - 2015-09-07 20:37 - 00000000 ____D C:\Python34 2015-09-07 20:37 - 2015-09-07 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.4 2015-09-07 20:36 - 2015-09-07 20:36 - 24846336 _____ C:\Users\*****\Downloads\python-3.4.3.msi 2015-09-07 00:25 - 2015-09-07 00:25 - 09912422 _____ C:\Users\*****\Downloads\train-images-idx3-ubyte.gz 2015-09-04 03:08 - 2015-09-04 03:08 - 02441037 _____ C:\Users\*****\Downloads\ICEMAPS.zip 2015-09-02 00:17 - 2015-09-02 00:17 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-09-01 19:28 - 2015-09-01 19:28 - 00143135 _____ C:\Users\*****\Downloads\rmse plots.zip 2015-08-31 11:28 - 2015-08-31 11:28 - 00000565 _____ C:\Users\*****\Downloads\sf-2015-10-21-789.ics 2015-08-29 22:41 - 2015-09-02 09:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-08-25 22:44 - 2015-08-25 22:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-08-25 22:43 - 2015-08-25 22:44 - 00000000 ___RD C:\Program Files 
(x86)\Skype 2015-08-24 22:05 - 2015-08-24 22:05 - 00014848 _____ C:\Users\*****\Downloads\XLS150824220542.xls 2015-08-24 13:06 - 2015-08-24 13:06 - 00000000 ____D C:\Text_Latex 2015-08-24 13:05 - 2015-08-24 12:49 - 00129117 _____ C:\Users\*****\texcount.pl 2015-08-24 12:50 - 2015-08-24 12:51 - 00000000 ____D C:\Perl64 2015-08-24 12:50 - 2015-08-24 12:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ActivePerl 5.20.2 Build 2002 (64-bit) 2015-08-24 12:49 - 2015-08-24 12:49 - 29398503 _____ C:\Users\*****\Downloads\ActivePerl-5.20.2.2002-MSWin32-x64-299195.msi 2015-08-23 13:52 - 2015-08-23 13:55 - 1150844928 _____ C:\Users\*****\Downloads\ubuntu-15.04-desktop-amd64.iso 2015-08-23 13:50 - 2015-08-23 13:50 - 01089105 _____ (pendrivelinux.com) C:\Users\*****\Downloads\Universal-USB-Installer-1.9.6.1.exe 2015-08-22 12:53 - 2015-08-22 12:53 - 00002002 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk 2015-08-21 14:50 - 2015-08-21 14:50 - 00000000 ____D C:\Users\*****\Documents\TeXcount_3_0_0_24-1 2015-08-21 14:45 - 2015-08-21 14:45 - 00000000 ____D C:\Users\*****\Documents\opendetex-win-2.8.1 2015-08-21 14:40 - 2015-08-21 14:40 - 00000000 ____D C:\Users\*****\Documents\wordcount 2015-08-21 14:36 - 2015-08-24 12:49 - 00000000 ____D C:\Users\*****\Documents\TeXcount_3_0_0_24 ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-09-10 12:53 - 2013-10-21 01:35 - 00036885 _____ C:\Users\*****\Downloads\FRST.txt 2015-09-10 12:53 - 2013-09-04 13:06 - 00000000 ____D C:\FRST 2015-09-10 12:50 - 2013-06-05 00:40 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-09-10 12:45 - 2014-11-17 15:06 - 00000000 ____D C:\Users\*****\AppData\Local\Hola 2015-09-10 12:40 - 2015-01-27 23:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-09-10 12:38 - 2015-06-17 16:27 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA.job 2015-09-10 12:28 - 2013-09-07 01:14 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA.job 2015-09-10 12:28 - 2013-09-07 01:14 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core.job 2015-09-10 12:23 - 2009-07-14 06:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-09-10 12:23 - 2009-07-14 06:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-09-10 11:15 - 2015-06-23 21:27 - 00002196 _____ C:\Users\Public\Desktop\Advanced SystemCare 8.lnk 2015-09-10 10:56 - 2015-04-23 20:30 - 00000000 ____D C:\Users\*****\Documents\simulation 2015-09-10 10:40 - 2013-06-05 00:40 - 01893735 _____ C:\Windows\WindowsUpdate.log 2015-09-10 09:24 - 2015-06-17 16:27 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core.job 2015-09-10 09:17 - 2013-06-26 18:10 - 00000000 ____D C:\Users\*****\AppData\Local\Adobe 2015-09-09 18:15 - 2014-01-01 12:49 - 00000000 ____D C:\Users\*****\Documents\Outlook-Dateien 2015-09-09 18:12 - 2013-06-05 00:40 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-09-08 18:51 - 2013-06-26 17:59 - 00000000 ____D C:\Users\*****\AppData\Roaming\Skype 2015-09-08 16:29 - 2014-08-04 
09:15 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-09-08 10:13 - 2015-04-23 18:51 - 00003180 _____ C:\Windows\System32\Tasks\ASC8_PerformanceMonitor 2015-09-08 10:12 - 2015-04-23 18:50 - 00002868 _____ C:\Windows\System32\Tasks\ASC8_SkipUac_***** 2015-09-08 10:12 - 2015-04-23 18:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8 2015-09-08 10:06 - 2013-06-05 10:15 - 00703214 _____ C:\Windows\system32\perfh007.dat 2015-09-08 10:06 - 2013-06-05 10:15 - 00150822 _____ C:\Windows\system32\perfc007.dat 2015-09-08 10:06 - 2009-07-14 07:13 - 01629436 _____ C:\Windows\system32\PerfStringBackup.INI 2015-09-08 10:01 - 2015-06-04 13:46 - 00002870 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (*****) 2015-09-08 10:00 - 2014-01-21 15:54 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2015-09-08 09:59 - 2013-06-26 18:26 - 00000000 ___RD C:\Users\*****\Dropbox 2015-09-08 09:59 - 2013-06-26 18:15 - 00000000 ____D C:\Users\*****\AppData\Roaming\Dropbox 2015-09-08 09:59 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-09-08 09:59 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-09-07 11:52 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\spool 2015-09-02 14:50 - 2013-08-12 13:46 - 00000000 ____D C:\Workspace R 2015-09-02 14:46 - 2013-06-26 17:49 - 00000000 ____D C:\Users\***** 2015-09-02 09:28 - 2015-04-23 18:48 - 00000000 ____D C:\ProgramData\ProductData 2015-09-02 09:26 - 2013-06-26 23:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-09-01 13:32 - 2013-06-26 19:24 - 00000000 ____D C:\Program Files (x86)\Opera 2015-08-30 17:45 - 2013-06-05 00:40 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-08-30 17:45 - 2013-06-05 00:40 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-08-30 12:23 - 2013-09-07 01:14 - 00004096 _____ 
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA 2015-08-30 12:23 - 2013-09-07 01:14 - 00003700 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core 2015-08-28 17:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2015-08-26 20:13 - 2015-01-14 14:15 - 00000000 ____D C:\Users\*****\Documents\Zotero Workspace 2015-08-26 15:29 - 2014-11-22 15:10 - 00000000 ____D C:\ProgramData\Sonos,_Inc 2015-08-25 22:43 - 2013-06-26 17:58 - 00000000 ____D C:\ProgramData\Skype 2015-08-23 14:01 - 2015-06-30 17:54 - 00000000 ____D C:\Figures_Latex 2015-08-22 12:53 - 2014-11-19 20:43 - 00000000 ____D C:\Users\*****\AppData\Roaming\LSC 2015-08-22 12:53 - 2013-06-05 00:38 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo 2015-08-22 12:53 - 2013-06-05 00:34 - 00000000 ____D C:\Program Files (x86)\Lenovo 2015-08-22 12:52 - 2013-06-05 00:38 - 00000000 ____D C:\Windows\Downloaded Installations 2015-08-22 12:52 - 2013-06-05 00:33 - 00000000 ____D C:\Program Files\Lenovo 2015-08-19 13:32 - 2015-01-09 01:55 - 00003846 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1420761345 2015-08-17 15:40 - 2015-01-27 23:41 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-08-17 15:40 - 2013-12-14 17:24 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-08-17 15:40 - 2013-12-14 17:24 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-08-17 15:02 - 2013-08-31 03:06 - 00000000 ____D C:\Windows\Minidump 2015-08-17 13:35 - 2015-04-20 11:31 - 00000000 ___SD C:\Windows\system32\GWX ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-10-04 00:29 - 2013-10-04 00:29 - 0000000 _____ () C:\Users\*****\AppData\Roaming\AbsoluteReminder.xml 2013-10-16 21:22 - 2013-10-16 21:58 - 0000132 _____ () C:\Users\*****\AppData\Roaming\Adobe CS5-Voreinstellungen für BMP-Format 
2013-08-08 01:21 - 2013-08-08 01:21 - 0000037 ___SH () C:\Users\*****\AppData\Local\70149b02515b3bb20dd492.47983420 2013-06-27 20:37 - 2015-07-07 18:48 - 0007644 _____ () C:\Users\*****\AppData\Local\Resmon.ResmonCfg 2013-06-05 00:36 - 2013-06-05 00:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2014-07-21 10:47 - 2014-07-21 10:47 - 0000337 _____ () C:\ProgramData\hpzinstall.log 2013-06-26 17:52 - 2013-07-07 19:31 - 0000227 _____ () C:\ProgramData\LastUpdate.xml Einige Dateien in TEMP: ==================== C:\Users\*****\AppData\Local\Temp\ASCSetup_774108.exe C:\Users\*****\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6bfdwh.dll C:\Users\*****\AppData\Local\Temp\Firefox-Setup-38.0.5.exe C:\Users\*****\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.510.exe C:\Users\*****\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.567.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-09-01 11:08 ==================== Ende von FRST.txt ============================ |
10.09.2015, 12:03 | #2 |
| Suspicious behavior on Win7 PC, slow and unambiguous text message
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-09-2015 durchgeführt von ***** (2015-09-10 12:53:46) Gestartet von C:\Users\*****\Downloads Windows 7 Professional Service Pack 1 (X64) (2013-06-26 15:49:52) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1480473739-3576749651-3455334848-500 - Administrator - Disabled) Gast (S-1-5-21-1480473739-3576749651-3455334848-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1480473739-3576749651-3455334848-1004 - Limited - Enabled) ***** (S-1-5-21-1480473739-3576749651-3455334848-1000 - Administrator - Enabled) => C:\Users\***** ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Kaspersky Internet Security (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886} AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Aangifte inkomstenbelasting 2011 (HKLM-x32\...\Aangifte inkomstenbelasting 2011) (Version: - Belastingdienst) Aangifte inkomstenbelasting 2013 (HKLM-x32\...\Aangifte inkomstenbelasting 2013) (Version: - Belastingdienst) ABN AMRO e.dentifier2 software (HKLM-x32\...\{55BF7E3E-F00A-4A3D-BB76-09228B35FFD6}) (Version: 02.00 - ABN AMRO BANK) ActivePerl 5.20.2 Build 2002 (64-bit) (HKLM\...\{C07C5E6C-2225-4668-896C-31A7D105A9BB}) (Version: 5.20.2002 - ActiveState) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.199 - Adobe Systems Incorporated) Adobe Connect 9 Add-in (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Adobe Connect 9 Add-in) (Version: 11,9,972,8 - Adobe Systems Incorporated) Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated) Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.4.0 - IObit) Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - ) Dolby Home Theater v4 
(HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc) Driver Booster 2.3 (HKLM-x32\...\Driver Booster_is1) (Version: 2.3 - IObit) Dropbox (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.) Elements 12 Organizer (x32 Version: 12.0 - Ihr Firmenname) Hidden Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.55 - ) EPSON BX620FWD Series Printer Uninstall (HKLM\...\EPSON BX620FWD Series) (Version: - SEIKO EPSON Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.1.1 - SEIKO EPSON CORPORATION) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) G*Power 3.1.9.2 (HKLM-x32\...\{F9C59D86-6F65-4EDB-89A2-FBA1F78762D2}) (Version: 3.1.92 - Franz Faul, Uni Kiel, Germany) Git version 1.9.5-preview20150319 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community) Google Apps Migration For Microsoft Outlook® 3.4.27.52 (HKLM-x32\...\{65960C6E-BFA2-4FE7-A1BC-8028F3072566}) (Version: 3.4.27.52 - Google, Inc.) Google Apps Sync™ for Microsoft Outlook® 3.7.410.1100 (HKLM-x32\...\{799A7E2B-388F-4BDE-B55B-47AF42C6440A}) (Version: 3.7.410.1100 - Google, Inc.) Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden Hema Fotoalbum (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\{83EF9202-135C-4AFC-A083-DE9D09C6BC46}_is1) (Version: - Hema) Hola™ 1.9.510 - Better Internet (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Hola) (Version: 1.9.510 - Hola Networks Ltd.) 
IBM SPSS Statistics 20 (HKLM\...\{2AF8017B-E503-408F-AACE-8A335452CAD2}) (Version: 20.0.0.0 - IBM Corp) inSSIDer 3 (HKLM-x32\...\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}) (Version: 3.0.7.48 - MetaGeek, LLC) Integrated Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.7.31 - SunplusIT) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3359 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.9.254 - Intel Corporation) Intel(R) WiDi (HKLM\...\{728985C5-A04B-457C-9D62-15360F3EAF85}) (Version: 3.1.29.0 - Intel Corporation) Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Intel® PROSet/Wireless Software (HKLM-x32\...\{9bffdf20-c3a3-4e93-9cbf-61712c6a38be}) (Version: 17.13.2 - Intel Corporation) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.3.0.118 - IObit) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden Lenovo Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.63.10 - Lenovo) Lenovo App Shop (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 44154 - Intel) Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) 
(Version: 2.13 - ) Lenovo Mobile Broadband Activation (HKLM-x32\...\{A95D9DF7-CF34-421A-A1DC-936A49A4DAEA}) (Version: 4.2.1003.00 - Lenovo Group Limited) Lenovo Patch Utility (HKLM-x32\...\{6E6E7725-C7BC-4C39-8B3F-14B67331A120}) (Version: 1.3.0.9 - Lenovo Group Limited) Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited) Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Peer Connect SDK (HKLM\...\{75C87855-9CBB-4892-B1A9-74C73A19CACA}_is1) (Version: 1.0.0.1 - Lenovo) Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.04 - ) Lenovo QuickControl (HKLM-x32\...\{4855C42F-5197-4AAD-A50D-5066D2CC4647}) (Version: 2.00 - Lenovo Group Limited) Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.) Lenovo Solution Center (HKLM\...\{E92E1FF1-B188-43FE-BECA-2248E227E67D}) (Version: 2.8.005.00 - Lenovo Group Limited) Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0003 - Lenovo) Lenovo USB 2.0 Ethernet Adapter (HKLM-x32\...\{29584513-DC7F-4EB9-8654-7C541DF0DDCE}) (Version: 1.11 - Lenovo) Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited) Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo) Lenovo Welcome (HKLM-x32\...\{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}) (Version: 3.1.0021.00 - Lenovo Group Limited) Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Master of Orion 2 (HKLM-x32\...\1207661633_is1) (Version: 2.1.0.18 - GOG.com) Mendeley Desktop 1.11 (HKLM-x32\...\Mendeley Desktop) (Version: 1.11 - Mendeley Ltd.) 
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Proofing Tools 2013 - Nederlands (HKLM\...\{90150000-001F-0413-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Office Proofing Tools 2013 - Nederlands (HKLM-x32\...\{90150000-001F-0413-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 
10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org) Mobile Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 7.2.5.4 - Ericsson AB) Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla) Mplus Version 7.3 Demo (64-bit) (HKLM\...\{BA273660-8C9F-4835-A906-3B5686BE7AB4}) (Version: 7.3.0 - Muthen & Muthen) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. 
Wechselberger) Nitro Pro 7 (HKLM\...\{36710189-55DF-4D75-8B6A-523CC61B7047}) (Version: 7.4.1.4 - Nitro PDF Software) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.3 - Notepad++ Team) Octoshape Streaming Services (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Octoshape Streaming Services) (Version: - Octoshape ApS) Opera Stable 31.0.1889.174 (HKLM-x32\...\Opera 31.0.1889.174) (Version: 31.0.1889.174 - Opera Software) PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PSE12 STI Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation) R for Windows 3.0.1 (HKLM\...\R for Windows 3.0.1_is1) (Version: 3.0.1 - R Core Team) R for Windows 3.0.3 (HKLM\...\R for Windows 3.0.3_is1) (Version: 3.0.3 - R Core Team) R for Windows 3.2.0 (HKLM\...\R for Windows 3.2.0_is1) (Version: 3.2.0 - R Core Team) RapidBoot Shield (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.23 - Lenovo) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7040 - Realtek Semiconductor Corp.) Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - ) RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH) RStudio (HKLM-x32\...\RStudio) (Version: 0.98.1103 - RStudio) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.) 
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.) Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 28.1.86200 - Sonos, Inc.) Spotify (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Spotify) (Version: 1.0.5.178.g885b099b - Spotify AB) SRWare Iron version SRWare Iron 40.2150.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 40.2150.0 - SRWare) Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit) TeXstudio 2.6.2 (HKLM-x32\...\TeXstudio_is1) (Version: 2.6.2 - Benito van der Zander) ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4500 - Broadcom Corporation) ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.14 - ) ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.25.65 - Lenovo) ThinkVantage Access Connections (HKLM-x32\...\{A62AEB2B-E2A0-4E77-8AAE-9645FE3B5487}) (Version: 5.95 - Lenovo) ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.0.44.0 - Lenovo) ThinkVantage Fingerprint Software (HKLM\...\{F58DA859-016E-492D-A588-317D9BB28002}) (Version: 5.9.9.7282 - Authentec Inc.) 
ThinkVantage GPS (HKLM-x32\...\{6DB21B2C-2BEF-44B4-B264-8EC2BC2369C6}) (Version: 2.81 - Lenovo) VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.5.13 - VeriSign) Widevine Media Optimizer Chrome 6.0.0 (HKLM-x32\...\optimizer_chrome) (Version: 6.0.0.12442 - Widevine Technologies) Widevine Media Optimizer Chrome 6.0.0 (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\optimizer_chrome) (Version: 6.0.0.12442 - Widevine Technologies) Widevine Media Optimizer IE 6.0.0 (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\optimizer_ie) (Version: 6.0.0.12757 - Widevine Technologies) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows-Treiberpaket - Intel (ISCT) System (08/23/2011 1.0.5.0) (HKLM\...\8D1FA6162A87496A05284A0C76A3B76705965B62) (Version: 08/23/2011 1.0.5.0 - Intel) Windows-Treiberpaket - Intel System (01/11/2012 9.3.0.1020) (HKLM\...\09839A9B5EDA69DA2DCC34637B5140AAF8A53B44) (Version: 01/11/2012 9.3.0.1020 - Intel) Windows-Treiberpaket - Intel System (08/26/2011 9.3.0.1011) (HKLM\...\9D7CD466F7FC8B18FF1B84943B7BB8648D17FCE8) (Version: 08/26/2011 9.3.0.1011 - Intel) Windows-Treiberpaket - Intel System (08/26/2011 9.3.0.1011) (HKLM\...\D8EF6CACF49BD33CC1FACD124C8CC2B1A8E8AE35) (Version: 08/26/2011 9.3.0.1011 - Intel) Windows-Treiberpaket - Intel USB (08/26/2011 9.3.0.1011) (HKLM\...\97EE1802A0385A37DE6323FA39EC76BEB2D73E41) (Version: 08/26/2011 9.3.0.1011 - Intel) Windows-Treiberpaket - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20) (HKLM\...\E3535F123E7F666D573665142F90D3E5004DC326) (Version: 02/29/2012 1.65.05.20 - Lenovo) Windows-Treiberpaket - Synaptics (SmbDrv) System (07/05/2012 16.2.5.0) (HKLM\...\99334E0BAA64ED1D117794050F2AA7D3951D9A7D) (Version: 07/05/2012 16.2.5.0 - Synaptics) Windows-Treiberpaket - Synaptics 
(SynTP) Mouse (07/05/2012 16.2.5.0) (HKLM\...\0395D83D6A2C0E110509B9E80E9BC5F29238FA82) (Version: 07/05/2012 16.2.5.0 - Synaptics) Zotero Standalone 4.0.23 (x86 en-US) (HKLM-x32\...\Zotero Standalone 4.0.23 (x86 en-US)) (Version: 4.0.23 - Zotero) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel) CustomCLSID: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel) CustomCLSID: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll () ==================== Wiederherstellungspunkte ========================= 01-09-2015 11:15:38 Geplanter Prüfpunkt 07-09-2015 20:37:09 Installed Python 3.4.3 ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2014-09-16 01:26 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {05C78976-EF75-4798-8EDF-5F59FD4E9D1D} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-08-17] (Lenovo) Task: {06AB8E71-ABA9-47C7-B557-69E305623749} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2015-03-30] (IObit) Task: {11257F63-5297-4886-AFC6-2211F6C9B8A3} - System32\Tasks\{AD1218B3-DC59-4081-8A45-2014706A72CC} => pcalua.exe -a "C:\Users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4EH50OQF\AVM_FRITZ!WLAN_Repeater_310_Assistent.exe" -d C:\Users\*****\Desktop Task: {16D76F82-AC80-4041-BCAC-6798F30CD84B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {23E62AD8-63C7-49C4-8D88-568E37D12038} - System32\Tasks\{E661EA14-4831-4DC9-BA24-1F58FD3A9520} => C:\Users\*****\Downloads\alfatest.exe [2015-05-12] () Task: {2EB5F894-5754-434D-B73F-4BE8864AA087} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-04-07] (IObit) Task: {4C2A1E4A-C7EE-470D-9958-CC358E92291E} - System32\Tasks\Driver Booster SkipUAC (*****) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-04-07] (IObit) Task: {4D921DAC-9A08-4581-852D-45C2A781DF67} - System32\Tasks\AdobeAAMUpdater-1.0-THINK-***** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated) Task: {4ED24D9E-64F9-4EFD-8D62-2A46AB7FD6F4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) 
Task: {5101C02D-4ACA-41E8-A6F5-210953BD81F2} - System32\Tasks\{9F4FBCB7-441F-4042-8998-402A08F71CD7} => C:\Users\*****\Downloads\alfatest.exe [2015-05-12] () Task: {51527F61-8136-4602-9BBD-7F6A3386DE9E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-17] (Adobe Systems Incorporated) Task: {516DE39E-4BC8-46DC-98B3-4E384F30F3C3} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.) Task: {544E4E1D-B75D-4BB3-A0C9-D1FF08669CC2} - System32\Tasks\{96C4092B-3E36-4FFF-A252-679948D94E24} => C:\Users\*****\Downloads\alfatest.exe [2015-05-12] () Task: {7919D72C-61BF-4D32-B4B1-611567EE8130} - System32\Tasks\ASC8_SkipUac_***** => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-08-13] (IObit) Task: {7A94AD62-0252-460D-9461-2AECDE893A62} - System32\Tasks\{B5103088-5AA1-4ED1-B052-EE1CD81AA67F} => C:\Users\*****\Downloads\alfatest.exe [2015-05-12] () Task: {7ED977C3-E5A3-4DF8-A891-8CAC05FDC42C} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-17] () Task: {81950FA3-3AF2-4847-B96B-94549F81FE8A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {87B99F39-997D-4779-8463-8CD302544AD5} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2015-08-12] (IObit) Task: {8B1A1E8D-C0C0-4103-A1F3-3F622D197ACF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.) 
Task: {8BA7A521-2EDE-4A9A-A6C4-3A2B99F3C353} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-08-17] (Lenovo) Task: {A0C547F0-617C-40D8-9079-033C06E2AFA0} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-17] () Task: {A66A4169-D399-41CB-8193-6621E49CB98E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {A9A553D2-A554-44FC-95C8-5FA6297B2471} - System32\Tasks\{396E50AE-0DBA-4615-A96F-CFE4DC2D9EF1} => C:\Users\*****\Downloads\alfatest.exe [2015-05-12] () Task: {ACA06C7F-29C4-4B82-9EE4-5D7963A33E65} - System32\Tasks\{7389CD34-2D3B-4788-99E0-2FA2C4B12C48} => C:\Users\*****\Downloads\alfatest.exe [2015-05-12] () Task: {AE503945-21E0-41F7-8671-E4AA2026ECB1} - System32\Tasks\Opera scheduled Autoupdate 1420761345 => C:\Program Files (x86)\Opera\launcher.exe [2015-08-17] (Opera Software) Task: {BD88E10A-9E69-4A8C-B39C-203527DCC6DA} - System32\Tasks\Uninstaller_SkipUac_***** => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-04-23] (IObit) Task: {CE9FB232-A20A-4B40-BDDE-6185834DBC42} - System32\Tasks\{1D30A00C-6ED6-4D93-B8A1-4E559F3B335B} => C:\Users\*****\Downloads\alfatest.exe [2015-05-12] () Task: {D2A57E6F-F90F-4E0A-8870-20C421B5B0C3} - System32\Tasks\{BC072FDB-9C95-45AD-8328-17D7B8A4868E} => C:\Users\*****\Downloads\alfatest.exe [2015-05-12] () Task: {D63B89A4-B7CE-47C3-9233-92909828A987} - System32\Tasks\{010A5FF7-A151-4825-B0EA-879607C5D583} => C:\Users\*****\Downloads\alfatest.exe [2015-05-12] () Task: {D7CDE812-B353-455D-8286-DE0FC7CFEE28} - System32\Tasks\{D82A1DC1-78A4-4231-BB44-53D94432F129} => C:\Users\*****\Downloads\alfatest.exe [2015-05-12] () Task: {DE14A80B-A5D4-4B76-BADF-DF7A8A97D698} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common 
Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {DE225219-FCE1-4AFF-8337-76007213F971} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-08-17] (Lenovo) Task: {EB104AF8-8109-4A59-B90F-1B8A779C237F} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-07-01] () (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core.job => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA.job => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2013-06-05 00:37 - 2012-03-19 08:09 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2010-10-28 19:50 - 2010-10-28 19:50 - 00040960 _____ () C:\Program Files\RStudio\bin\x64\libgcc_s_sjlj-1.dll 2015-04-23 13:54 
- 2015-04-17 13:40 - 00377527 _____ () C:\Program Files\R\R-3.2.0\bin\x64\Rgraphapp.dll 2015-04-23 13:54 - 2015-04-17 13:40 - 25815552 _____ () C:\Program Files\R\R-3.2.0\bin\x64\R.dll 2015-04-23 13:54 - 2015-04-17 13:40 - 00343623 _____ () C:\Program Files\R\R-3.2.0\bin\x64\Rblas.dll 2015-04-23 13:54 - 2015-04-17 13:40 - 00131391 _____ () C:\Program Files\R\R-3.2.0\bin\x64\Riconv.dll 2015-04-23 13:55 - 2015-04-17 13:42 - 00123904 _____ () C:\Program Files\R\R-3.2.0\library\utils\libs\x64\utils.dll 2015-04-23 13:54 - 2015-04-17 13:44 - 00037888 _____ () C:\Program Files\R\R-3.2.0\library\methods\libs\x64\methods.dll 2015-04-23 13:54 - 2015-04-17 13:42 - 01048064 _____ () C:\Program Files\R\R-3.2.0\library\grDevices\libs\x64\grDevices.dll 2015-04-23 13:54 - 2015-04-17 13:43 - 00248832 _____ () C:\Program Files\R\R-3.2.0\library\graphics\libs\x64\graphics.dll 2015-04-23 13:54 - 2015-04-17 13:43 - 00640512 _____ () C:\Program Files\R\R-3.2.0\library\stats\libs\x64\stats.dll 2015-04-23 13:54 - 2015-04-17 13:41 - 02186240 _____ () C:\Program Files\R\R-3.2.0\bin\x64\Rlapack.dll 2015-04-23 13:55 - 2015-04-17 13:41 - 00087552 _____ () C:\Program Files\R\R-3.2.0\library\tools\libs\x64\tools.dll 2015-04-23 13:55 - 2015-04-17 13:41 - 02696790 _____ () C:\Program Files\R\R-3.2.0\modules\x64\internet.dll 2013-09-21 22:15 - 2013-07-13 20:01 - 10483712 _____ () C:\Program Files (x86)\TeXstudio\TeXstudio.exe 2013-06-05 00:35 - 2012-03-21 05:05 - 00051776 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe 2013-06-17 13:35 - 2013-06-17 13:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll 2013-05-08 15:52 - 2013-05-08 15:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll 2013-06-05 00:38 - 2011-08-02 04:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll 2013-06-05 00:38 - 2011-08-02 04:58 - 02085888 _____ () C:\Program 
Files\Lenovo\Communications Utility\cv210.dll 2013-06-05 00:36 - 2011-07-13 10:10 - 00065576 ____R () C:\Program Files (x86)\Mobile Broadband drivers\WMCore\MBMDebug.dll 2015-09-08 09:59 - 2015-09-08 09:59 - 00071168 _____ () c:\users\*****\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6bfdwh.dll 2015-03-04 23:45 - 2015-08-05 07:26 - 00012800 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll 2015-03-04 23:45 - 2015-08-05 07:26 - 00779776 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-08-17 13:27 - 2015-08-05 07:26 - 00056320 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-03-04 23:45 - 2015-08-05 07:26 - 00012288 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll 2013-06-05 00:41 - 2013-06-19 20:10 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll 2013-06-05 00:41 - 2013-06-19 20:10 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll 2013-06-05 00:41 - 2013-06-19 20:10 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll 2013-06-05 00:41 - 2013-06-19 20:10 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll 2013-06-05 00:41 - 2013-06-19 20:10 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll 2013-06-05 00:41 - 2013-06-19 20:10 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll 2013-06-05 00:41 - 2013-06-19 20:10 - 00020480 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll 2013-06-05 00:41 - 2013-06-19 20:10 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll 2013-06-05 00:41 - 2013-06-19 20:10 - 00064512 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ 
() C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2013-06-27 10:41 - 2013-05-13 15:15 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-04-23 18:50 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll 2015-04-23 18:50 - 2014-12-10 09:14 - 01284896 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\Scan.dll 2009-06-23 04:42 - 2009-06-23 04:42 - 00043008 _____ () C:\Program Files\RStudio\bin\libgcc_s_dw2-1.dll 2009-01-10 20:32 - 2009-01-10 20:32 - 00011362 _____ () C:\Program Files\RStudio\bin\mingwm10.dll 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf 2013-02-14 15:46 - 2013-02-14 15:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll 2015-08-19 13:32 - 2015-08-19 13:32 - 58600568 _____ () C:\Program Files (x86)\Opera\31.0.1889.174\opera.dll 2015-08-19 13:32 - 2015-08-19 13:31 - 01781368 _____ () C:\Program Files (x86)\Opera\31.0.1889.174\libglesv2.dll 2015-08-19 13:32 - 2015-08-19 13:31 - 00081528 _____ () C:\Program Files (x86)\Opera\31.0.1889.174\libegl.dll 2013-09-21 22:15 - 2009-01-11 05:32 - 00011362 _____ () C:\Program Files (x86)\TeXstudio\mingwm10.dll 2013-09-21 22:15 - 2010-04-18 03:09 - 00108032 _____ () C:\Program Files (x86)\TeXstudio\libgcc_s_dw2-1.dll 2013-09-21 22:15 - 2013-06-24 19:48 - 00409600 _____ () C:\Program Files (x86)\TeXstudio\libpoppler-qt4.dll 2013-09-21 22:15 - 2013-06-24 19:48 - 02020352 _____ () C:\Program Files (x86)\TeXstudio\libpoppler.dll 2013-09-21 22:18 - 2013-06-24 19:47 - 00153600 _____ () C:\Program Files (x86)\TeXstudio\libpng15.dll 2013-09-21 22:18 - 2013-06-24 19:48 - 00080896 _____ () C:\Program Files (x86)\TeXstudio\libz.dll 2013-09-21 22:18 - 2013-06-24 19:48 - 00260096 _____ () C:\Program Files (x86)\TeXstudio\libcurl.dll 2013-09-21 22:15 - 
2013-06-24 19:47 - 00473088 _____ () C:\Program Files (x86)\TeXstudio\libfreetype.dll 2013-09-21 22:15 - 2013-06-24 19:47 - 00199168 _____ () C:\Program Files (x86)\TeXstudio\libjpeg.dll 2013-09-21 22:18 - 2013-06-24 19:48 - 00259072 _____ () C:\Program Files (x86)\TeXstudio\liblcms2.dll 2013-09-21 22:15 - 2013-06-24 19:47 - 00125952 _____ () C:\Program Files (x86)\TeXstudio\libopenjpeg.dll 2013-09-21 22:18 - 2013-06-24 19:47 - 00318464 _____ () C:\Program Files (x86)\TeXstudio\libtiff3.dll 2013-09-21 22:18 - 2013-06-24 19:48 - 00038912 _____ () C:\Program Files (x86)\TeXstudio\libgcc_s_sjlj-1.dll 2015-08-17 14:40 - 2015-08-17 14:40 - 17482952 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\AdwCleaner:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Boot:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Causal model.pptx:com.dropbox.attributes AlternateDataStreams: C:\Causal_model_small.jpg:com.dropbox.attributes AlternateDataStreams: C:\Config.Msi:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Documents and Settings:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Dokumente und Einstellungen:IMAT__DS_DIR_HDR AlternateDataStreams: C:\DRIVERS:IMAT__DS_DIR_HDR AlternateDataStreams: C:\FRST:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Intel:IMAT__DS_DIR_HDR AlternateDataStreams: C:\mfg:IMAT__DS_DIR_HDR AlternateDataStreams: C:\MSOCache:IMAT__DS_DIR_HDR AlternateDataStreams: C:\PerfLogs:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Program Files:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Program Files (x86):IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Programme:IMAT__DS_DIR_HDR AlternateDataStreams: C:\swshare:IMAT__DS_DIR_HDR AlternateDataStreams: C:\SWTOOLS:IMAT__DS_DIR_HDR AlternateDataStreams: C:\System Volume Information:IMAT__DS_DIR_HDR 
AlternateDataStreams: C:\Users\*****\AppData\Local\Cisco:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\Diagnostics:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\Downloaded Installations:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\ElevatedDiagnostics:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\Google:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\GPSENABLER:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\Hema Fotoalbum:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\IBM:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\javasharedresources:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\Lenovo:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\LSC:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\Macromedia:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\MetaGeek,_LLC:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\Microsoft:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\Microsoft Help:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\MiKTeX:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\MobileAccess:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\Mozilla:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\ms-drivers:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\Opera:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\PDF24:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\Programs:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\RStudio-Desktop.bu:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\Samsung:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\Spotify:IMAT__DS_DIR_HDR AlternateDataStreams: 
C:\Users\*****\AppData\Local\Temp:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\Temporary Internet Files:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\VeriSign:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\Verlauf:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Local\VirtualStore:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\Documents\Amsterdam:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\Documents\Bewerbungen:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\Documents\Bluetooth-Exchange-Ordner:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\Documents\Eigene Bilder:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\Documents\Eigene Musik:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\Documents\Eigene Videos:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\Documents\Finanzen:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\Documents\Hema Fotoalbum:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\Documents\R:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\Documents\samsung:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\Documents\Security Copy Dropbox:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\Documents\SPSSInc:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\Documents\Studium:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programme:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hema Fotoalbum:IMAT__DS_DIR_HDR AlternateDataStreams: 
C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetaGeek:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup:IMAT__DS_DIR_HDR ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) 
Da befinden sich 4788 mehr eingeschränkte Seiten. ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\*****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: Datenträger ist nicht mit dem Internet verbunden. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\startupreg: AcWin7Hlpr => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized MSCONFIG\startupreg: Google Update => "C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: Integrated Camera_Monitor => C:\Program Files (x86)\Integrated Camera\monitor.exe MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe MSCONFIG\startupreg: LENOVO.TPKNRRES => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe MSCONFIG\startupreg: LenovoNal => C:\Program Files\Lenovo\Lenovo Peer Connect\NalService.exe MSCONFIG\startupreg: Octoshape Streaming Services => "C:\Users\*****\AppData\Roaming\Octoshape\Octoshape
Streaming Services\OctoshapeClient.exe" -inv:bootrun MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe MSCONFIG\startupreg: PWMTRV => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{2B063FA6-477F-48FA-9D1E-3BDBBDEB2DE6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{EDD477BC-C5F1-4E0C-AD2F-EAB87CBE2016}] => (Allow) LPort=2869 FirewallRules: [{03D5C4C4-1599-4012-AD49-5002A9EA33DD}] => (Allow) LPort=1900 FirewallRules: [{34A60A08-403E-4FD9-86AE-64718FB480EF}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{EF5C29A3-17C3-46AC-91A1-F104C6D38372}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{7BA793EC-F5F6-4071-992C-E69FEA754B68}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{44D10574-CC59-4D88-A295-485DA2832F38}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{F6FD2F10-D1DB-47D9-8902-2643C5E69F79}] => (Allow) C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{36428086-0079-4F5C-BAA1-ADC33A93C5A4}] => (Allow) C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{0E310144-12A2-4304-B85D-67C0B79B1E3E}] => (Allow) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe FirewallRules: 
[{EF0AF0CC-7E9B-400C-AF5B-4BEA2C18386F}] => (Allow) C:\Program Files (x86)\Opera\opera.exe FirewallRules: [{658B0361-312C-421C-8ECA-CA0C1E879717}] => (Allow) C:\Program Files (x86)\Opera\opera.exe FirewallRules: [{22E03A7D-DA2D-4C2A-ABF2-8C8A40C6CFF1}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Config V4\ENConfig.exe FirewallRules: [{C7DB25E6-D90E-4F4A-A745-29D1622204C1}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Config V4\ENConfig.exe FirewallRules: [{31E76C7C-500A-4CEB-87E3-8D6FC0AAA2C6}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe FirewallRules: [{8A54E9FF-9370-4F97-8091-2422BEA75318}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe FirewallRules: [TCP Query User{5837FA49-EC04-4CE2-A17F-5469621E5F70}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\*****\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{C81CF274-8D28-4900-94C1-2F1891831C07}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\*****\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{E3EF79E9-FE81-445C-9358-86918EBEBB9E}C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{1C160363-0105-456F-B3D6-8A10B374F511}C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{E2ECEC31-40B6-4B15-B912-4E7378DF0193}C:\users\*****\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\*****\appdata\local\hola\firefox\app\hola_plugin.exe FirewallRules: [UDP Query User{4CA88648-4EDA-4AF1-95D5-B3B155D7CCFB}C:\users\*****\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\*****\appdata\local\hola\firefox\app\hola_plugin.exe FirewallRules: [{575915FC-4116-470F-8057-4C9DFAC272F6}] => (Allow) C:\Program Files (x86)\Sonos\Sonos.exe FirewallRules: 
[{AE4AA11B-7BE4-4429-9D7B-BCF8EC179EC1}] => (Allow) C:\Program Files (x86)\Sonos\Sonos.exe FirewallRules: [{522142AE-B1C9-423A-B3CD-8ED4EA0DBE7A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{6844444C-9084-4822-A681-A85969309E62}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8CE040F5-BCF4-4718-86D9-4A0CA9DFC42F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{78EA5E40-A5F8-452E-84C8-49CFC7DE20E2}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe FirewallRules: [{7D181AC7-7F0D-4DBC-9478-1192C7F41790}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Lenovo Connect Device 1.0 Description: Lenovo Connect Device 1.0 Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (09/10/2015 12:12:06 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (09/10/2015 12:12:06 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (09/10/2015 12:12:06 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. 
Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (09/10/2015 12:12:06 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=23, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0 Error: (09/10/2015 12:12:06 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=21, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0 Error: (09/10/2015 12:12:06 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=18, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0 Error: (09/10/2015 10:50:02 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (09/10/2015 10:50:02 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (09/10/2015 10:50:02 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (09/10/2015 10:50:02 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. 
Fehler: Type-ID=23, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0 Systemfehler: ============= Error: (09/10/2015 12:12:16 PM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Das Gerät erkennt den Befehl nicht.Mobile Broadband SIM Card Reader 0GET_STATEXX XX XX XX Error: (09/10/2015 10:50:12 AM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Das Gerät erkennt den Befehl nicht.Mobile Broadband SIM Card Reader 0GET_STATEXX XX XX XX Error: (09/10/2015 10:21:42 AM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Das Gerät erkennt den Befehl nicht.Mobile Broadband SIM Card Reader 0GET_STATEXX XX XX XX Error: (09/09/2015 08:09:58 PM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Das Gerät erkennt den Befehl nicht.Mobile Broadband SIM Card Reader 0GET_STATEXX XX XX XX Error: (09/09/2015 07:10:10 PM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Das Gerät erkennt den Befehl nicht.Mobile Broadband SIM Card Reader 0GET_STATEXX XX XX XX Error: (09/09/2015 06:12:32 PM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Das Gerät erkennt den Befehl nicht.Mobile Broadband SIM Card Reader 0GET_STATEXX XX XX XX Error: (09/09/2015 01:49:10 PM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Das Gerät erkennt den Befehl nicht.Mobile Broadband SIM Card Reader 0GET_STATEXX XX XX XX Error: (09/09/2015 11:57:19 AM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Das Gerät erkennt den Befehl nicht.Mobile Broadband SIM Card Reader 0GET_STATEXX XX XX XX Error: (09/09/2015 09:29:40 AM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Das Gerät erkennt den Befehl nicht.Mobile Broadband SIM Card Reader 0GET_STATEXX XX XX XX Error: (09/08/2015 11:25:23 PM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Das Gerät erkennt den Befehl nicht.Mobile Broadband SIM Card Reader 0GET_STATEXX XX XX XX Microsoft Office: ========================= Error: (09/10/2015 12:12:06 PM) (Source: Microsoft-Windows-EapHost) (EventID: 
2002) (User: NT-AUTORITÄT) Description: Eap method DLL path43900 Error: (09/10/2015 12:12:06 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Eap method DLL path25900 Error: (09/10/2015 12:12:06 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Eap method DLL path17900 Error: (09/10/2015 12:12:06 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Eap method DLL path23808600 Error: (09/10/2015 12:12:06 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Eap method DLL path21808600 Error: (09/10/2015 12:12:06 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Eap method DLL path18808600 Error: (09/10/2015 10:50:02 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Eap method DLL path43900 Error: (09/10/2015 10:50:02 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Eap method DLL path25900 Error: (09/10/2015 10:50:02 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Eap method DLL path17900 Error: (09/10/2015 10:50:02 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Eap method DLL path23808600 CodeIntegrity: =================================== Date: 2015-09-08 17:09:48.713 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-09-08 17:07:21.922 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2015-09-06 19:30:57.904 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-09-06 19:28:09.546 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-08-25 22:44:34.906 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-08-25 22:44:15.813 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-08-23 12:00:59.550 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-08-23 11:59:42.043 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-08-17 17:03:33.644 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-07-28 14:14:28.783 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-3667U CPU @ 2.00GHz Prozentuale Nutzung des RAM: 63% Installierter physikalischer RAM: 7888.9 MB Verfügbarer physikalischer RAM: 2892.02 MB Summe virtueller Speicher: 15776 MB Verfügbarer virtueller Speicher: 10017.04 MB ==================== Laufwerke ================================ Drive c: (Windows7_OS) (Fixed) (Total:200.43 GB) (Free:36.4 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)] Drive q: (Lenovo_Recovery) (Fixed) (Total:13.67 GB) (Free:3.23 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 223.6 GB) (Disk ID: B605DD09) Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=200.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=8 GB) - (Type=84) ==================== Ende von Addition.txt ============================ |
10.09.2015, 13:08 | #3 |
/// the machine /// TB instructor | Suspicious behavior on Win7 PC, slow and unambiguous text message hi,
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Please download TDSSKiller.exe and save this file to the desktop. |
10.09.2015, 14:22 | #4 |
| Suspicious behavior on Win7 PC, slow and unambiguous text message Code:
ATTFilter 15:19:45.0363 0x3678 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57 15:19:49.0208 0x3678 ============================================================ 15:19:49.0208 0x3678 Current date / time: 2015/09/10 15:19:49.0208 15:19:49.0208 0x3678 SystemInfo: 15:19:49.0208 0x3678 15:19:49.0208 0x3678 OS Version: 6.1.7601 ServicePack: 1.0 15:19:49.0208 0x3678 Product type: Workstation 15:19:49.0209 0x3678 ComputerName: THINK 15:19:49.0211 0x3678 UserName: ****** 15:19:49.0211 0x3678 Windows directory: C:\Windows 15:19:49.0211 0x3678 System windows directory: C:\Windows 15:19:49.0211 0x3678 Running under WOW64 15:19:49.0211 0x3678 Processor architecture: Intel x64 15:19:49.0211 0x3678 Number of processors: 4 15:19:49.0211 0x3678 Page size: 0x1000 15:19:49.0211 0x3678 Boot type: Normal boot 15:19:49.0211 0x3678 ============================================================ 15:19:49.0288 0x3678 KLMD registered as C:\Windows\system32\drivers\30542496.sys 15:19:49.0402 0x3678 System UUID: {B8F224B9-A328-4D6D-7BBB-3D088D1DAA56} 15:19:49.0795 0x3678 Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 ( 223.57 Gb ), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 15:19:49.0799 0x3678 ============================================================ 15:19:49.0799 0x3678 \Device\Harddisk0\DR0: 15:19:49.0799 0x3678 MBR partitions: 15:19:49.0799 0x3678 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2EE000 15:19:49.0799 0x3678 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x190DD000 15:19:49.0799 0x3678 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x193CB800, BlocksNum 0x1B58000 15:19:49.0799 0x3678 ============================================================ 15:19:49.0801 0x3678 C: <-> \Device\Harddisk0\DR0\Partition2 15:19:49.0802 0x3678 Q: <-> \Device\Harddisk0\DR0\Partition3 15:19:49.0802 0x3678 
============================================================
15:19:49.0803 0x3678 Initialize success
15:19:49.0803 0x3678 ============================================================
15:20:28.0701 0x3224 ============================================================
15:20:28.0701 0x3224 Scan started
15:20:28.0701 0x3224 Mode: Manual; SigCheck; TDLFS;
15:20:28.0701 0x3224 ============================================================
15:20:28.0701 0x3224 KSN ping started
15:20:29.0832 0x3224 KSN ping finished: true
15:20:30.0085 0x3224 ================ Scan system memory ========================
15:20:30.0086 0x3224 System memory - ok
15:20:30.0086 0x3224 ================ Scan services =============================
15:20:34.0750 0x3224 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
15:20:35.0876 0x3224 Detect skipped due to KSN trusted
15:20:35.0876 0x3224 Intel(R) Capability Licensing Service Interface - ok
7546B7DB9EB8743D976CC0F4C567F367361138168F4A751EA461E81A2D66985E ] KLIF C:\Windows\system32\DRIVERS\klif.sys 15:20:36.0494 0x3224 KLIF - ok 15:20:36.0498 0x3224 [ 3553584440A11136C899B67ACC8CBE9D, B3D6D2E78B0FF0AF5A98E708D977978EA81E99D78F2E9CA2145B466AB4B11342 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys 15:20:36.0509 0x3224 KLIM6 - ok 15:20:36.0513 0x3224 [ 22C4E9381C60DA78161FA042FDBA6873, B6CC05C1401E788BCCC8CF668216D9B78A8B51409D3CFBF419047933195062E0 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys 15:20:36.0523 0x3224 klkbdflt - ok 15:20:36.0527 0x3224 [ D792857D47B8DF5BFEC02534C1933BE2, BDD483FA8E2DC50DB4E54D475867455F0D7E115494E2A31CD27A065C7EC26951 ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys 15:20:36.0536 0x3224 klmouflt - ok 15:20:36.0540 0x3224 [ 55C46046D2EED16C05B237BA2C881207, 91569E97E2F1FC6B74A1D46168E91F5279A1419A4A51DD28A27520C0B59E5285 ] klpd C:\Windows\system32\DRIVERS\klpd.sys 15:20:36.0549 0x3224 klpd - ok 15:20:36.0553 0x3224 [ B36DEE2A91F9388C4D3ED744592DE81D, 78D64539A375C80250FB9FA5E1DDA208B331A85916E19ED1353623DDF750EC58 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys 15:20:36.0562 0x3224 kltdi - ok 15:20:36.0567 0x3224 [ 2AA3537309C2B9A7F120FB9E6A38250A, 6FD904542E0A21C4D6E46FB3EE11789938B90151D24531EB5319E62759D225DF ] Klwtp C:\Windows\system32\DRIVERS\klwtp.sys 15:20:36.0577 0x3224 Klwtp - ok 15:20:36.0583 0x3224 [ 1686DE8288052316EFDD49EEA8929065, AD43D6ACCD8693BD76F218E1A4EE088BA061C1309A3E7DAA7EC94D875985D895 ] kneps C:\Windows\system32\DRIVERS\kneps.sys 15:20:36.0595 0x3224 kneps - ok 15:20:36.0600 0x3224 [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 15:20:36.0609 0x3224 KSecDD - ok 15:20:36.0615 0x3224 [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 15:20:36.0626 0x3224 KSecPkg - ok 15:20:36.0629 0x3224 [ 
6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 15:20:36.0655 0x3224 ksthunk - ok 15:20:36.0664 0x3224 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 15:20:36.0696 0x3224 KtmRm - ok 15:20:36.0701 0x3224 [ 69355633064DF425098477A3247B9448, 07F5E633D9C7FEEC1B451765EBD27835AB101B29230DAC037C2B659074C586A9 ] l36wgps C:\Windows\system32\DRIVERS\l36wgps64.sys 15:20:36.0711 0x3224 l36wgps - ok 15:20:36.0715 0x3224 [ 95DA07E4859396912D8E5630DA5A9324, E49278419B7F121C8A51926B56043D2BD0CE26335F580BBAE394348275542B48 ] l36wscard C:\Windows\system32\DRIVERS\l36wscard.sys 15:20:36.0723 0x3224 l36wscard - ok 15:20:36.0730 0x3224 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll 15:20:36.0758 0x3224 LanmanServer - ok 15:20:36.0762 0x3224 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 15:20:36.0789 0x3224 LanmanWorkstation - ok 15:20:36.0794 0x3224 [ 070A31A7AEDBC6FC0E990D4944A95FB4, A486D85D1F4857F832AA45372FF531C9001329FD02CEFB16DDC1C82CDC0A8FF1 ] LenLan C:\Windows\system32\DRIVERS\LenLan.sys 15:20:36.0806 0x3224 LenLan - ok 15:20:36.0813 0x3224 [ 4A0235E9822B220339E34D8C122BB6D1, 75FE0158F4123E3252F543FED3F622547F32EE15B1ABA16C8D23405B6BAEBCE5 ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe 15:20:36.0820 0x3224 LENOVO.CAMMUTE - ok 15:20:36.0825 0x3224 [ 521ADEA6D54C519EA3BE8202FF3EC36D, E29C88321C0F8B136951B617C206B36AE25D68EF08E723DE99064EF9BE87A3F9 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe 15:20:36.0840 0x3224 LENOVO.MICMUTE - ok 15:20:36.0844 0x3224 [ 93921A19D885755B9751C3744DBCB8FD, 
A1A59DE5819D2C4D4CEA4917DAB569925928165177F0B081D5C03BD6D7EFE3D2 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe 15:20:36.0851 0x3224 LENOVO.TPKNRSVC - ok 15:20:36.0857 0x3224 [ 79F99A4D59825839B7E563B4BCF52C5E, 3D7B1F292A36E8E4109557B880603B7BEB512457CC495F591DCE44EC34AA0E39 ] LENOVO.TVTVCAM C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe 15:20:36.0865 0x3224 LENOVO.TVTVCAM - ok 15:20:36.0870 0x3224 [ EE982F13F0957AB40992DDBC47164A76, C75AA052A8B2E5A1CBA06C32D855B74C576F2E349B8D1A4570F7E991933FEE6A ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe 15:20:36.0878 0x3224 Lenovo.VIRTSCRLSVC - ok 15:20:36.0887 0x3224 [ 77D5786C6A7765503884E38706C9FD5E, 827DC2069AA0997DB87E118AAAA53575D97A89147C1451464986F8D68A329D41 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys 15:20:36.0895 0x3224 LHidFilt - ok 15:20:36.0946 0x3224 [ 337FA50FFDED5E2BC94B36BF625AB681, BC77CCED8F2B52D26C7A2D7960FB5C1690F5D7E41013644C9226A85C9FF4FA2C ] LiveUpdateSvc C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe 15:20:37.0013 0x3224 LiveUpdateSvc - ok 15:20:37.0020 0x3224 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 15:20:37.0045 0x3224 lltdio - ok 15:20:37.0052 0x3224 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 15:20:37.0085 0x3224 lltdsvc - ok 15:20:37.0088 0x3224 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 15:20:37.0113 0x3224 lmhosts - ok 15:20:37.0117 0x3224 [ F84023FB2E3DEA06103501974A2EDB44, 38144EB7DE7F0B33F9C3E637715834CD0860CCE11915C77065000949767D98DF ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys 15:20:37.0125 0x3224 LMouFilt - ok 15:20:37.0134 0x3224 [ 3142FC089FE8FCF79B442B91BC4F0C16, 
ECF8E9CC84B87D19C4762E73EA2DD80B336A9C42A67512F2E73179F49484592A ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 15:20:37.0147 0x3224 LMS - ok 15:20:37.0150 0x3224 [ 285BE1702B8ED8EDDE032C2994845A48, 2E8829A7F28456B9035A53C2488507577B5A08C5E90C29B0089386773D31A453 ] lnvDiscoveryWinSvc C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe 15:20:37.0157 0x3224 lnvDiscoveryWinSvc - ok 15:20:37.0166 0x3224 [ CE87E8E09273791172F7A1C60B225648, 03AB8A69C5A58FD3BCFF9E36FF83338B6866D82E4E550CD7CED686C4CC096DC1 ] LSCWinService C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe 15:20:37.0178 0x3224 LSCWinService - ok 15:20:37.0183 0x3224 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 15:20:37.0193 0x3224 LSI_FC - ok 15:20:37.0197 0x3224 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 15:20:37.0207 0x3224 LSI_SAS - ok 15:20:37.0210 0x3224 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 15:20:37.0220 0x3224 LSI_SAS2 - ok 15:20:37.0224 0x3224 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 15:20:37.0234 0x3224 LSI_SCSI - ok 15:20:37.0239 0x3224 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 15:20:37.0265 0x3224 luafv - ok 15:20:37.0269 0x3224 [ 97355D9AAC9EC42A7DFC9664F81FC699, B96E483271F326135F2CB7797A7EEFFCA275761FE75134849DCAA812E26523B8 ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys 15:20:37.0278 0x3224 LUsbFilt - ok 15:20:37.0281 0x3224 [ A8D28D5B3E2A528D1EF0E338E44F2820, 
40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 15:20:37.0289 0x3224 MBAMProtector - ok 15:20:37.0310 0x3224 [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 15:20:37.0338 0x3224 MBAMService - ok 15:20:37.0343 0x3224 [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 15:20:37.0351 0x3224 MBAMWebAccessControl - ok 15:20:37.0363 0x3224 [ 7FC758B6B562E8105758328961EE50F2, DE12E5C0283510C21632157D151D1168C09CCEB3F3BFAA58357DE652450687FE ] Mbm3CBus C:\Windows\system32\DRIVERS\Mbm3CBus.sys 15:20:37.0378 0x3224 Mbm3CBus - ok 15:20:37.0388 0x3224 [ 9644C6B313A08B36E3577193FE844197, BA51DFD136CC741EF908402F21FC6748805B50EC4DE162415E50A3273D0EA3BE ] Mbm3DevMt C:\Windows\system32\DRIVERS\Mbm3DevMt.sys 15:20:37.0404 0x3224 Mbm3DevMt - ok 15:20:37.0407 0x3224 [ FAFA77810CB6C4E196C7CD28855292BB, C59E5C297FDE253DACAC4371847E7BA741CCE297633EBA92CD028930D70B28CB ] Mbm3mdfl C:\Windows\system32\DRIVERS\Mbm3mdfl.sys 15:20:37.0415 0x3224 Mbm3mdfl - ok 15:20:37.0425 0x3224 [ A1A8597F1EB14A27DDA510371498C0AB, 6D22A5FA1C22FD871146516311C1F657B59CFAFF9458CCF8F2D55C971353F4A1 ] Mbm3Mdm C:\Windows\system32\DRIVERS\Mbm3Mdm.sys 15:20:37.0442 0x3224 Mbm3Mdm - ok 15:20:37.0446 0x3224 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 15:20:37.0457 0x3224 Mcx2Svc - ok 15:20:37.0460 0x3224 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 15:20:37.0469 0x3224 megasas - ok 15:20:37.0476 0x3224 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR 
C:\Windows\system32\drivers\MegaSR.sys 15:20:37.0489 0x3224 MegaSR - ok 15:20:37.0494 0x3224 [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 15:20:37.0504 0x3224 MEIx64 - ok 15:20:37.0510 0x3224 Microsoft SharePoint Workspace Audit Service - ok 15:20:37.0514 0x3224 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 15:20:37.0538 0x3224 MMCSS - ok 15:20:37.0542 0x3224 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 15:20:37.0565 0x3224 Modem - ok 15:20:37.0568 0x3224 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 15:20:37.0580 0x3224 monitor - ok 15:20:37.0585 0x3224 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 15:20:37.0594 0x3224 mouclass - ok 15:20:37.0597 0x3224 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 15:20:37.0606 0x3224 mouhid - ok 15:20:37.0611 0x3224 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 15:20:37.0621 0x3224 mountmgr - ok 15:20:37.0625 0x3224 [ CC11EEB7AF4617D65DF0E9A21FC1ABD0, A683A5FB26E1B9FB4EEB40A9C7186F8433E3FB0A45848DF6102EF07B4DC75AC8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 15:20:37.0635 0x3224 MozillaMaintenance - ok 15:20:37.0641 0x3224 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 
15:20:37.0652 0x3224 mpio - ok 15:20:37.0656 0x3224 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 15:20:37.0681 0x3224 mpsdrv - ok 15:20:37.0700 0x3224 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 15:20:37.0739 0x3224 MpsSvc - ok 15:20:37.0744 0x3224 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 15:20:37.0757 0x3224 MRxDAV - ok 15:20:37.0762 0x3224 [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 15:20:37.0776 0x3224 mrxsmb - ok 15:20:37.0784 0x3224 [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 15:20:37.0798 0x3224 mrxsmb10 - ok 15:20:37.0804 0x3224 [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 15:20:37.0816 0x3224 mrxsmb20 - ok 15:20:37.0819 0x3224 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 15:20:37.0827 0x3224 msahci - ok 15:20:37.0832 0x3224 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 15:20:37.0842 0x3224 msdsm - ok 15:20:37.0847 0x3224 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 15:20:37.0860 0x3224 MSDTC - ok 15:20:37.0864 0x3224 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs 
C:\Windows\system32\drivers\Msfs.sys 15:20:37.0889 0x3224 Msfs - ok 15:20:37.0892 0x3224 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 15:20:37.0916 0x3224 mshidkmdf - ok 15:20:37.0920 0x3224 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 15:20:37.0928 0x3224 msisadrv - ok 15:20:37.0933 0x3224 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 15:20:37.0971 0x3224 MSiSCSI - ok 15:20:37.0974 0x3224 msiserver - ok 15:20:37.0976 0x3224 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 15:20:38.0000 0x3224 MSKSSRV - ok 15:20:38.0004 0x3224 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 15:20:38.0028 0x3224 MSPCLOCK - ok 15:20:38.0032 0x3224 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 15:20:38.0055 0x3224 MSPQM - ok 15:20:38.0063 0x3224 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 15:20:38.0078 0x3224 MsRPC - ok 15:20:38.0082 0x3224 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 15:20:38.0090 0x3224 mssmbios - ok 15:20:38.0093 0x3224 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 15:20:38.0119 0x3224 MSTEE - ok 15:20:38.0122 0x3224 [ 
7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 15:20:38.0131 0x3224 MTConfig - ok 15:20:38.0135 0x3224 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 15:20:38.0144 0x3224 Mup - ok 15:20:38.0152 0x3224 [ CD8DD76B58803B36FDC7C6B5D68300DD, 7F8672E22BFC2993A50D85F7749C1007FA7C4010FB51CA44F47B2A3028FEC0B7 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 15:20:38.0164 0x3224 MyWiFiDHCPDNS - ok 15:20:38.0174 0x3224 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 15:20:38.0208 0x3224 napagent - ok 15:20:38.0216 0x3224 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 15:20:38.0234 0x3224 NativeWifiP - ok 15:20:38.0254 0x3224 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 15:20:38.0284 0x3224 NDIS - ok 15:20:38.0289 0x3224 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 15:20:38.0314 0x3224 NdisCap - ok 15:20:38.0317 0x3224 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 15:20:38.0342 0x3224 NdisTapi - ok 15:20:38.0346 0x3224 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 15:20:38.0378 0x3224 Ndisuio - ok 15:20:38.0383 0x3224 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan 
C:\Windows\system32\DRIVERS\ndiswan.sys 15:20:38.0410 0x3224 NdisWan - ok 15:20:38.0413 0x3224 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 15:20:38.0437 0x3224 NDProxy - ok 15:20:38.0440 0x3224 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 15:20:38.0465 0x3224 NetBIOS - ok 15:20:38.0471 0x3224 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 15:20:38.0499 0x3224 NetBT - ok 15:20:38.0502 0x3224 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon C:\Windows\system32\lsass.exe 15:20:38.0510 0x3224 Netlogon - ok 15:20:38.0519 0x3224 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 15:20:38.0551 0x3224 Netman - ok 15:20:38.0561 0x3224 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:20:38.0573 0x3224 NetMsmqActivator - ok 15:20:38.0577 0x3224 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:20:38.0587 0x3224 NetPipeActivator - ok 15:20:38.0597 0x3224 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 15:20:38.0630 0x3224 netprofm - ok 15:20:38.0636 0x3224 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:20:38.0646 0x3224 
NetTcpActivator - ok 15:20:38.0651 0x3224 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:20:38.0661 0x3224 NetTcpPortSharing - ok 15:20:38.0860 0x3224 [ 9233F2F1A3CD407A6622F6D38F120838, BA63FB78A29718F5F9DE5B967B4BAE8D3F455356855BB8E2A03DFF760BE6A6DA ] NETwNs64 C:\Windows\system32\DRIVERS\Netwsw00.sys 15:20:39.0085 0x3224 NETwNs64 - ok 15:20:39.0098 0x3224 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 15:20:39.0107 0x3224 nfrd960 - ok 15:20:39.0113 0x3224 [ BC4B7FA7F7EBE5E9CC70885A2CB727D0, 0BC3EF7B5CEC9A4639607E5F901A65296F150B451714DF754847637D98CD8D98 ] NitroDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe 15:20:39.0124 0x3224 NitroDriverReadSpool2 - ok 15:20:39.0132 0x3224 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 15:20:39.0149 0x3224 NlaSvc - ok 15:20:39.0153 0x3224 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 15:20:39.0177 0x3224 Npfs - ok 15:20:39.0180 0x3224 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 15:20:39.0206 0x3224 nsi - ok 15:20:39.0209 0x3224 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 15:20:39.0235 0x3224 nsiproxy - ok 15:20:39.0267 0x3224 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 15:20:39.0305 0x3224 Ntfs - ok 15:20:39.0309 0x3224 [ 
9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 15:20:39.0333 0x3224 Null - ok 15:20:39.0339 0x3224 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 15:20:39.0351 0x3224 nvraid - ok 15:20:39.0356 0x3224 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 15:20:39.0366 0x3224 nvstor - ok 15:20:39.0371 0x3224 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 15:20:39.0382 0x3224 nv_agp - ok 15:20:39.0386 0x3224 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 15:20:39.0396 0x3224 ohci1394 - ok 15:20:39.0402 0x3224 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 15:20:39.0411 0x3224 ose - ok 15:20:39.0496 0x3224 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 15:20:39.0584 0x3224 osppsvc - ok 15:20:39.0598 0x3224 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 15:20:39.0614 0x3224 p2pimsvc - ok 15:20:39.0624 0x3224 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 15:20:39.0641 0x3224 p2psvc - ok 15:20:39.0645 0x3224 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 
] Parport C:\Windows\system32\drivers\parport.sys 15:20:39.0656 0x3224 Parport - ok 15:20:39.0660 0x3224 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 15:20:39.0669 0x3224 partmgr - ok 15:20:39.0675 0x3224 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll 15:20:39.0688 0x3224 PcaSvc - ok 15:20:39.0695 0x3224 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 15:20:39.0706 0x3224 pci - ok 15:20:39.0709 0x3224 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 15:20:39.0716 0x3224 pciide - ok 15:20:39.0723 0x3224 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 15:20:39.0735 0x3224 pcmcia - ok 15:20:39.0738 0x3224 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 15:20:39.0747 0x3224 pcw - ok 15:20:39.0760 0x3224 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 15:20:39.0781 0x3224 PEAUTH - ok 15:20:39.0807 0x3224 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 15:20:39.0842 0x3224 PeerDistSvc - ok 15:20:39.0869 0x3224 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 15:20:39.0879 0x3224 PerfHost - ok 15:20:39.0885 0x3224 [ B4C1BF666DBD6899EC4A9A499DAA040B, 
15:20:45.0060 0x3224 ws2ifsl - ok 15:20:45.0065 0x3224 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll 15:20:45.0080 0x3224 wscsvc - ok 15:20:45.0083 0x3224 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 15:20:45.0094 0x3224 WSDPrintDevice - ok 15:20:45.0096 0x3224 WSearch - ok 15:20:45.0144 0x3224 [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv C:\Windows\system32\wuaueng.dll 15:20:45.0203 0x3224 wuauserv - ok 15:20:45.0209 0x3224 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 15:20:45.0220 0x3224 WudfPf - ok 15:20:45.0227 0x3224 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 15:20:45.0239 0x3224 WUDFRd - ok 15:20:45.0243 0x3224 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 15:20:45.0254 0x3224 wudfsvc - ok 15:20:45.0263 0x3224 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 15:20:45.0278 0x3224 WwanSvc - ok 15:20:45.0286 0x3224 [ 47499F9665153749DB433C76790C3262, 39526C595B7EF05653FCDF12C2CBACD99471944174A7E72D4A3DDB115DE801A3 ] WwanUsbServ C:\Windows\system32\DRIVERS\WwanUsbMp64.sys 15:20:45.0299 0x3224 WwanUsbServ - ok 15:20:45.0374 0x3224 [ 75044F6FC44045047B15415B89E4D1B4, 43461141A326B99C218C3712725767C08825963EA9D430CBA03D4978E15EF23E ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe 15:20:45.0444 0x3224 ZeroConfigService - ok 15:20:45.0460 0x3224 ================ Scan global 
=============================== 15:20:45.0463 0x3224 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 15:20:45.0470 0x3224 [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll 15:20:45.0480 0x3224 [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll 15:20:45.0487 0x3224 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 15:20:45.0497 0x3224 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 15:20:45.0504 0x3224 [ Global ] - ok 15:20:45.0504 0x3224 ================ Scan MBR ================================== 15:20:45.0506 0x3224 [ B78F010C2F6E54FC3F947B22CE0352FC ] \Device\Harddisk0\DR0 15:20:45.0635 0x3224 \Device\Harddisk0\DR0 - ok 15:20:45.0636 0x3224 ================ Scan VBR ================================== 15:20:45.0639 0x3224 [ 001EEEC6A385F26084D41060D4596F89 ] \Device\Harddisk0\DR0\Partition1 15:20:45.0641 0x3224 \Device\Harddisk0\DR0\Partition1 - ok 15:20:45.0648 0x3224 [ CCAA2FAC2A5CA3B922360B270F04CF0E ] \Device\Harddisk0\DR0\Partition2 15:20:45.0651 0x3224 \Device\Harddisk0\DR0\Partition2 - ok 15:20:45.0656 0x3224 [ 2D6DF5AF477E641F37230E0CCA1835B7 ] \Device\Harddisk0\DR0\Partition3 15:20:45.0660 0x3224 \Device\Harddisk0\DR0\Partition3 - ok 15:20:45.0660 0x3224 ================ Scan generic autorun ====================== 15:20:45.0927 0x3224 [ 047D94A22B47AF83DDE4E32BB4E06D0A, CB9257995C67A1A44D6D316C36D3AAEF639BFD51A26C699D70FD047C45440CA5 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 15:20:46.0152 0x3224 RTHDVCPL - ok 15:20:46.0186 0x3224 [ D8AB6AC4A2D30641C9544021373B47EB, A0553AFB3B186D8EA28CF056139FA5AA150D6BD31E36E5EB9D5DD5940A90CA55 
] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe |
10.09.2015, 14:38 | #5 |
| Suspicious behaviour on Win7 PC, slow and unambiguous text message Code:
ATTFilter
15:20:46.0998 0x3224 Waiting for KSN requests completion. In queue: 167
15:20:47.0998 0x3224 Waiting for KSN requests completion. In queue: 167
15:20:49.0054 0x3224 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
15:20:49.0056 0x3224 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41010 ( enabled )
15:20:50.0291 0x3224 ============================================================
15:20:50.0291 0x3224 Scan finished
15:20:50.0291 0x3224 ============================================================
15:20:50.0312 0x3190 Detected object count: 0
15:20:50.0312 0x3190 Actual detected object count: 0
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.2.1008
www.malwarebytes.org
Database version: main: v2015.09.10.06 rootkit: v2015.08.16.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17914
:: THINK [administrator]
10.09.2015 14:52:47
mbar-log-2015-09-10 (14-52-47).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 392736
Time elapsed: 10 minute(s),
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end) |
11.09.2015, 06:23 | #6 |
/// the machine /// TB trainer | Suspicious behaviour on Win7 PC, slow and unambiguous text message hi, scan with Combofix |
14.10.2015, 12:44 | #7 |
| Suspicious behaviour on Win7 PC, slow and unambiguous text message Hello Schrauber, for personal reasons I did not get around to the scan you asked for. I am now sending you FRST.txt and addition.txt again, and ask for instructions on what to do next. Also: possibly a new symptom. Every now and then the keyboard switches itself off and I can no longer type anything. This has happened 2 times so far since we last posted. Thanks! FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-09-2014 (ATTENTION: ====> FRST version is 383 days old and could be outdated) Ran by ***** (administrator) on ***** on 14-10-2015 13:40:24 Running from C:\Users\*****\Downloads Loaded Profile: ***** (Available profiles: *****) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (Authentec Inc.) C:\Program Files\*****Vantage Fingerprint Software\upeksvr.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe (Broadcom Corporation.) 
C:\Program Files\*****Pad\Bluetooth Software\btwdins.exe (Intel® Corporation) C:\Program Files\Intel\CAM\bin\CAMService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Spotify Ltd) C:\Users\*****\AppData\Roaming\Spotify\SpotifyWebHelper.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Hola Networks Ltd.) C:\Users\*****\AppData\Local\Hola\local\app\hola.exe (Broadcom Corporation.) C:\Program Files\*****Pad\Bluetooth Software\BTTray.exe (Dropbox, Inc.) 
C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Hola Networks Ltd.) C:\Users\*****\AppData\Local\Hola\local\app\hola_updater.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe (Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (SunplusIT, Inc.) C:\Program Files (x86)\Integrated Camera\Monitor.exe (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Hola Networks Ltd.) C:\Users\*****\AppData\Local\Hola\local\app\hola_svc.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Farbar) C:\Users\*****\Downloads\FRST64(4).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-13] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2014-07-28] (Synaptics Incorporated) HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63728 2015-06-08] (Lenovo) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-07-18] (Intel Corporation) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [132920 2013-05-30] (Intel Corporation) HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-06-19] (Intel Corporation) HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.) HKLM-x32\...\Run: [Lenovo App Shop] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-06-19] (Intel Corporation) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1719456 2013-12-10] (SunplusIT, Inc.) HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\psfus: C:\Program Files\*****Vantage Fingerprint Software\psqlpwd.dll (Authentec Inc.) 
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [Spotify Web Helper] => C:\Users\*****\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2022968 2015-05-12] (Spotify Ltd) HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [Google Update] => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.) HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit) HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [Dropbox Update] => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.) HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [hola] => C:\Users\*****\AppData\Local\Hola\local\app\hola.exe [2032256 2015-09-10] (Hola Networks Ltd.) Lsa: [Notification Packages] scecli C:\Program Files\*****Vantage Fingerprint Software\psqlpwd.dll C:\Program Files\*****Pad\Bluetooth Software\BtwProximityCP.dll Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\*****Pad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: CeDesktopIntegration -> {3CEC3E6D-ECF2-4B49-8A41-3B16DF8B9C3F} => No File ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => No File ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => No File ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} => No File ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => No File ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/*****pad HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - {417735E5-3C9D-89A4-A0EC-2BA9A2D311CA} URL = SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation) BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll (AO Kaspersky Lab) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit) BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation) BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll (AO Kaspersky Lab) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll (AO Kaspersky Lab) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_IKEA_Win32.cab DPF: HKLM-x32 {538793D5-659C-4639-A56C-A179AD87ED44} https://solisvpn.*****/CACHE/stc/20/binaries/vpnweb.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 62.179.104.196 213.46.228.196 192.168.192.1 FireFox: ======== FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\n12tz17e.default-1421155951383 FF Plugin: @adobe.com/FlashPlayer -> 
C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @ABNAMRO/BECON,version=1.00 -> C:\Program Files (x86)\ABN AMRO e.dentifier2\Mozilla\npBECON.dll (ABN AMRO) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: 
@nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @hola.org/FlashPlayer -> C:\Users\*****\AppData\Local\Hola\firefox\app\flash\NPSWF32_18_0_0_232.dll ()
FF Plugin HKCU: @hola.org/vlc -> C:\Users\*****\AppData\Local\Hola\firefox\app\vlc\npvlc.dll (Hola)
FF Plugin HKCU: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\*****\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1312180-0-npoctoshape.dll (Octoshape ApS)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\*****\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\*****\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\*****\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\*****\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: google.com/WidevineMediaOptimizer -> C:\Users\*****\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll (Google Inc.)
FF Plugin HKCU: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF Plugin HKCU: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
FF user.js: detected! => C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1480473739-3576749651-3455334848-1000\FireFox\user.js
FF user.js: detected! => C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\n12tz17e.default-1421155951383\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npoctoshape.dll (Octoshape ApS)
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\n12tz17e.default-1421155951383\Extensions\iobitascsurfingprotection@iobit.com [2015-06-23]
FF Extension: Hola Better Internet - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\n12tz17e.default-1421155951383\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2015-10-07]
FF Extension: Zotero - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\n12tz17e.default-1421155951383\Extensions\zotero@chnm.gmu.edu.xpi [2015-03-07]
FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2013-06-05]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-09-10]
FF HKLM-x32\...\Firefox\Extensions: [VIP4X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client

Chrome:
=======
CHR HomePage: Default -> hxxp://google.de/
CHR RestoreOnStartup: Default -> "hxxp://www.google.de/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-07-27]
CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2013-07-27]
CHR Extension: (Virtuelle Tastatur) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-07-27]
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp [2013-07-26]
CHR Extension: (Anti-Banner) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2013-07-27]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - https://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka []
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - https://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka []

==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor12.0; C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated)
R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [821024 2015-08-05] (IObit)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-09-10] (Kaspersky Lab ZAO)
R2 CAMService; C:\Program Files\Intel\CAM\bin\CAMService.exe [1243344 2014-09-03] (Intel® Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1390592 2015-07-23] (Microsoft Corporation)
S3 DozeSvc; C:\Program Files (x86)\*****Pad\Utilities\DZSVC64.EXE [320576 2013-06-26] (Lenovo.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-05-30] (Intel Corporation)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [179568 2012-06-01] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [115184 2014-07-08] (Lenovo Group Limited)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-17] (IObit)
R2 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [20984 2013-10-18] (Lenovo)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272424 2015-08-17] (Lenovo)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-10-29] ()
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-05-23] (Nitro PDF Software)
S2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [59440 2013-12-16] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [319024 2013-12-16] (Lenovo Group Limited)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22008 2015-08-27] ()
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-19] (Symantec Corporation)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [689560 2012-10-18] (Ericsson AB)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3818704 2014-10-29] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170200 2013-03-27] (Broadcom Corporation.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 e.dentifier2; C:\Windows\System32\DRIVERS\aabed2.sys [28672 2008-03-20] (Todos Data System AB)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [39504 2013-04-11] (ThreatTrack Security)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-08-31] (GFI Software)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-06-04] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-16] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [171192 2015-06-30] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-07-04] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [931000 2015-06-30] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-09-26] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [103184 2012-03-01] (Ericsson AB)
R3 l36wscard; C:\Windows\System32\DRIVERS\l36wscard.sys [61992 2011-01-14] (Ericsson AB)
S3 LenLan; C:\Windows\System32\DRIVERS\LenLan.sys [98816 2012-05-29] (Lenovo Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [443208 2012-10-02] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [453960 2012-10-02] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [21832 2012-10-02] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [506184 2012-10-02] (MCCI Corporation)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1514144 2013-12-10] (Sunplus)
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2012-12-05] (Seiko Epson Corporation)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)
R3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-07] (*****Vantage Communications Utility)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-12-13] (Cisco Systems, Inc.)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [281840 2013-02-19] (Ericsson AB)
S3 ALSysIO; \??\C:\Users\*****\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz137; \??\C:\Users\*****\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S2 smihlp2; \??\C:\Program Files\*****Vantage Fingerprint Software\smihlp.sys [X]

==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)

2015-10-03 02:39 - 2015-10-03 02:39 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-02 18:11 - 2015-10-02 18:11 - 21777663 _____ () C:\Users\*****\Downloads\TeXworks-w32-0.4.6-20150403-git_c29723a.zip
2015-10-02 18:11 - 2015-10-02 18:11 - 00000000 ____D () C:\Users\*****\TeXworks
2015-10-02 18:11 - 2015-10-02 18:11 - 00000000 ____D () C:\Users\*****\Downloads\TeXworks-w32-0.4.6-20150403-git_c29723a
2015-10-01 12:58 - 2015-10-01 20:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-09-29 19:50 - 2015-10-01 00:11 - 00001131 _____ () C:\Users\*****\Desktop\TeXnicCenter.lnk
2015-09-29 19:50 - 2015-09-29 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeXnicCenter
2015-09-29 19:50 - 2015-09-29 19:50 - 00000000 ____D () C:\Program Files\TeXnicCenter
2015-09-29 19:48 - 2015-09-29 19:49 - 12631003 _____ (The TeXnicCenter Team ) C:\Users\*****\Downloads\TXCSetup_2.02Stable_x64.exe
2015-09-29 19:09 - 2015-09-29 19:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9
2015-09-29 19:08 - 2015-09-29 19:08 - 00000000 ____D () C:\Users\*****\AppData\Roaming\MiKTeX
2015-09-29 19:08 - 2015-09-29 19:08 - 00000000 ____D ()
C:\Users\*****\AppData\Local\MiKTeX 2015-09-29 19:08 - 2015-09-29 19:08 - 00000000 ____D () C:\ProgramData\MiKTeX 2015-09-29 19:07 - 2015-09-29 19:07 - 00000000 ____D () C:\Program Files (x86)\MiKTeX 2.9 2015-09-29 19:05 - 2015-09-29 19:05 - 178712840 _____ (MiKTeX.org) C:\Users\*****\Downloads\basic-miktex-2.9.5721.exe 2015-09-29 19:03 - 2015-09-29 19:03 - 188503304 _____ (MiKTeX.org) C:\Users\*****\Downloads\basic-miktex-2.9.5721-x64.exe 2015-09-29 18:52 - 2015-09-29 18:52 - 16833468 _____ () C:\Users\*****\Downloads\biber-MSWIN.zip 2015-09-29 18:52 - 2015-09-29 18:52 - 00000000 ____D () C:\Users\*****\Downloads\biber-MSWIN 2015-09-29 17:59 - 2015-09-29 17:59 - 00001691 _____ () C:\Users\*****\X.log 2015-09-29 11:12 - 2015-09-29 11:12 - 00622299 _____ () C:\Users\*****\Downloads\apa6(1).zip 2015-09-29 11:09 - 2015-09-29 11:09 - 00000000 ____D () C:\texlive 2015-09-29 11:08 - 2015-09-29 11:08 - 13285427 _____ () C:\Users\*****\Downloads\install-tl-windows.exe 2015-09-27 16:57 - 2015-09-27 16:57 - 00000000 ____D () C:\Users\*****\Downloads\apa6 2015-09-27 16:55 - 2015-09-27 16:55 - 00622299 _____ () C:\Users\*****\Downloads\apa6.zip 2015-09-27 16:16 - 2015-09-27 16:16 - 00001864 _____ () C:\Users\Public\Desktop\JabRef 2.10.lnk 2015-09-27 16:16 - 2015-09-27 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JabRef 2015-09-27 16:16 - 2015-09-27 16:16 - 00000000 ____D () C:\Program Files (x86)\JabRef 2015-09-27 16:15 - 2015-09-27 16:15 - 14253375 _____ (JabRef Team) C:\Users\*****\Downloads\JabRef-2.10-setup.exe 2015-09-27 15:51 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-09-27 15:51 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-09-27 15:29 - 2015-08-18 03:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-09-27 15:29 - 2015-08-18 03:14 - 00344168 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-09-27 15:29 - 2015-08-15 08:48 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-09-27 15:29 - 2015-08-15 08:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-09-27 15:29 - 2015-08-15 08:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-09-27 15:29 - 2015-08-15 08:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-09-27 15:29 - 2015-08-15 08:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-09-27 15:29 - 2015-08-15 08:17 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-09-27 15:29 - 2015-08-15 08:17 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-09-27 15:29 - 2015-08-15 08:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-09-27 15:29 - 2015-08-15 08:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-09-27 15:29 - 2015-08-15 08:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-09-27 15:29 - 2015-08-15 08:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-09-27 15:29 - 2015-08-15 08:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-09-27 15:29 - 2015-08-15 08:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-09-27 15:29 - 2015-08-15 08:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-09-27 15:29 - 2015-08-15 08:04 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-09-27 15:29 - 2015-08-15 08:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-09-27 15:29 - 2015-08-15 08:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-09-27 15:29 - 2015-08-15 08:00 - 05923328 _____ 
(Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-09-27 15:29 - 2015-08-15 07:57 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-09-27 15:29 - 2015-08-15 07:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-09-27 15:29 - 2015-08-15 07:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-09-27 15:29 - 2015-08-15 07:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-09-27 15:29 - 2015-08-15 07:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-09-27 15:29 - 2015-08-15 07:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-09-27 15:29 - 2015-08-15 07:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-09-27 15:29 - 2015-08-15 07:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-09-27 15:29 - 2015-08-15 07:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-09-27 15:29 - 2015-08-15 07:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-09-27 15:29 - 2015-08-15 07:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-09-27 15:29 - 2015-08-15 07:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-09-27 15:29 - 2015-08-15 07:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-09-27 15:29 - 2015-08-15 07:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-09-27 15:29 - 2015-08-15 07:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-09-27 15:29 - 2015-08-15 07:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-09-27 15:29 - 2015-08-15 07:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-09-27 15:29 - 2015-08-15 07:29 - 00620032 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-09-27 15:29 - 2015-08-15 07:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-09-27 15:29 - 2015-08-15 07:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-09-27 15:29 - 2015-08-15 07:23 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-09-27 15:29 - 2015-08-15 07:22 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-09-27 15:29 - 2015-08-15 07:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-09-27 15:29 - 2015-08-15 07:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-09-27 15:29 - 2015-08-15 07:16 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-09-27 15:29 - 2015-08-15 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-09-27 15:29 - 2015-08-15 07:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-09-27 15:29 - 2015-08-15 07:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-09-27 15:29 - 2015-08-15 07:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-09-27 15:29 - 2015-08-15 07:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-09-27 15:29 - 2015-08-15 07:07 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-09-27 15:29 - 2015-08-15 07:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-09-27 15:29 - 2015-08-15 07:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-09-27 15:29 - 2015-08-15 07:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-09-27 15:29 - 2015-08-15 07:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-09-27 15:29 - 2015-08-15 06:55 - 01545728 
_____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-09-27 15:29 - 2015-08-15 06:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-09-27 15:29 - 2015-08-15 06:43 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-09-27 15:29 - 2015-08-15 06:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-09-27 15:29 - 2015-08-15 06:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-09-27 15:29 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2015-09-27 15:29 - 2015-08-05 19:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2015-09-27 15:29 - 2015-08-05 19:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2015-09-27 15:29 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2015-09-27 15:29 - 2015-08-04 20:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-09-27 15:29 - 2015-08-04 20:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-09-27 15:29 - 2015-08-04 19:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2015-09-27 15:29 - 2015-08-04 19:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2015-09-27 15:29 - 2015-08-04 19:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2015-09-27 15:29 - 2015-08-04 19:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2015-09-27 15:29 - 2015-08-04 19:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2015-09-27 15:29 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2015-09-27 15:29 - 2015-08-04 18:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2015-09-27 15:29 - 2015-07-30 20:06 - 02565120 
_____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2015-09-27 15:29 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-09-27 15:29 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-09-27 15:29 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2015-09-27 15:29 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-09-27 15:29 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-09-27 15:29 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-09-27 15:29 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-09-27 15:29 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-09-27 15:29 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-09-27 15:29 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-09-27 15:29 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-09-27 15:29 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-09-27 15:29 - 2015-07-23 02:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-09-27 15:29 - 2015-07-23 02:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-09-27 15:29 - 2015-07-23 02:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-09-27 15:29 - 2015-07-23 02:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-09-27 15:29 - 2015-07-23 02:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-09-27 15:29 - 2015-07-23 02:03 - 00243712 _____ 
(Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-09-27 15:29 - 2015-07-23 02:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-09-27 15:29 - 2015-07-23 02:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-09-27 15:29 - 2015-07-23 02:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00112640 _____ (Microsoft Corporation) 
C:\Windows\system32\smss.exe 2015-09-27 15:29 - 2015-07-23 02:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-09-27 15:29 - 2015-07-23 02:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-09-27 15:29 - 2015-07-23 02:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-09-27 15:29 - 2015-07-23 02:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-09-27 15:29 - 2015-07-23 01:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-09-27 15:29 - 2015-07-23 01:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 
00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 
01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-09-27 15:29 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-09-27 15:29 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-09-27 15:29 - 2015-07-22 19:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-09-27 15:29 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2015-09-27 15:29 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2015-09-27 15:29 - 2015-07-22 19:53 - 00552960 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-09-27 15:29 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-09-27 15:29 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-09-27 15:29 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-09-27 15:29 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-09-27 15:29 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-09-27 15:29 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-09-27 15:29 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2015-09-27 15:29 - 2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-09-27 15:29 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-09-27 15:29 - 2015-07-22 19:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-09-27 15:29 - 2015-07-22 19:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-09-27 15:29 - 2015-07-22 19:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-09-27 15:29 - 2015-07-22 19:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-09-27 15:29 - 2015-07-22 19:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-09-27 15:29 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-09-27 15:29 - 2015-07-22 19:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-09-27 15:29 - 2015-07-22 19:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-09-27 15:29 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msobjs.dll 2015-09-27 15:29 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-09-27 15:29 
- 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 18:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2015-09-27 15:29 - 2015-07-22 18:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-09-27 15:29 - 2015-07-22 18:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-09-27 15:29 - 2015-07-22 18:44 - 00129024 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\mrxsmb20.sys 2015-09-27 15:29 - 2015-07-22 18:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-09-27 15:29 - 2015-07-22 18:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-09-27 15:29 - 2015-07-22 18:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 18:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-09-27 15:29 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-09-27 15:29 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-09-27 15:29 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2015-09-27 15:29 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-09-27 15:29 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2015-09-27 15:29 - 2015-06-25 12:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2015-09-27 15:29 - 2015-06-25 12:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-09-27 15:29 - 2015-06-25 12:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2015-09-27 15:29 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-09-27 15:28 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-09-27 15:28 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-09-27 15:28 - 
2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-09-27 15:28 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-09-27 15:28 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-09-27 15:28 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-09-27 15:28 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-09-27 15:28 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-09-27 15:28 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-09-27 15:28 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-09-27 15:28 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-09-27 15:28 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-09-27 15:28 - 2015-08-27 20:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-09-27 15:28 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2015-09-27 15:28 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-09-27 15:28 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-09-27 15:28 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-09-27 15:28 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2015-09-27 15:28 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2015-09-27 15:28 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-09-27 15:28 - 2015-07-16 21:12 - 00856064 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2015-09-27 15:28 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2015-09-27 15:28 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2015-09-27 15:28 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2015-09-27 15:28 - 2015-07-15 05:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2015-09-27 15:28 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2015-09-27 15:28 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2015-09-27 15:28 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-09-27 15:28 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-09-27 15:28 - 2015-07-09 19:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2015-09-27 15:28 - 2015-07-09 19:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll 2015-09-27 15:28 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2015-09-27 15:28 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2015-09-27 15:28 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll 2015-09-27 15:28 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe 2015-09-27 15:28 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll 2015-09-27 15:28 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2015-09-27 15:28 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2015-09-27 15:28 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 
2015-09-27 15:28 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2015-09-27 15:23 - 2015-08-26 20:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-09-27 15:23 - 2015-08-26 20:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-09-27 15:23 - 2015-08-26 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-09-27 15:23 - 2015-08-26 20:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-09-27 15:23 - 2015-08-26 20:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-09-27 15:23 - 2015-08-26 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-09-27 15:23 - 2015-08-26 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-09-27 15:23 - 2015-08-26 20:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-09-27 15:23 - 2015-08-26 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-09-27 15:23 - 2015-08-26 20:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-09-27 15:23 - 2015-08-26 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-09-27 15:23 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-09-27 15:23 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-09-27 15:23 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-09-27 15:23 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-09-27 15:23 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-09-23 19:57 - 2015-10-01 20:28 - 00001298 _____ () C:\Windows\PFRO.log 2015-09-23 14:30 - 2015-10-14 09:36 - 00007821 _____ () 
C:\Windows\setupact.log 2015-09-23 14:30 - 2015-09-23 14:30 - 00000000 _____ () C:\Windows\setuperr.log 2015-09-21 21:20 - 2015-09-22 20:58 - 00000000 ____D () C:\Users\*****\Desktop\tse session 2015-09-21 04:43 - 2015-09-21 04:43 - 00013412 _____ () C:\Users\*****\Documents\Kopie von TK100715.xlsb 2015-09-18 00:16 - 2015-09-18 00:16 - 00000005 _____ () C:\Users\*****\Desktop\new 1.txt 2015-09-18 00:11 - 2015-09-18 00:15 - 00009213 _____ () C:\Users\*****\Desktop\gehaltsvergleich gesis-uu.xlsx 2015-09-15 23:45 - 2015-09-15 23:45 - 00641833 _____ () C:\Users\*****\Downloads\TeXcount_3_0_0_24.zip 2015-09-15 23:45 - 2015-09-15 23:45 - 00000000 ____D () C:\Users\*****\Downloads\TeXcount_3_0_0_24 ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-10-14 13:40 - 2015-01-27 23:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-10-14 13:40 - 2013-10-21 01:35 - 00030835 _____ () C:\Users\*****\Downloads\FRST.txt 2015-10-14 13:40 - 2013-09-04 13:06 - 00000000 ____D () C:\FRST 2015-10-14 13:38 - 2015-06-17 16:27 - 00001228 _____ () C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA.job 2015-10-14 13:34 - 2013-09-07 01:14 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA.job 2015-10-14 13:21 - 2013-06-05 00:40 - 01628689 _____ () C:\Windows\WindowsUpdate.log 2015-10-14 13:02 - 2009-07-14 06:45 - 00034432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-10-14 13:02 - 2009-07-14 06:45 - 00034432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-10-14 13:01 - 2013-06-26 17:59 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Skype 2015-10-14 12:56 - 2013-06-05 00:40 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-10-14 11:50 
- 2014-01-21 15:54 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2015-10-14 09:27 - 2015-06-04 13:46 - 00002870 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (*****) 2015-10-14 09:26 - 2013-06-26 18:26 - 00000000 ___RD () C:\Users\*****\Dropbox 2015-10-14 09:26 - 2013-06-26 18:15 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Dropbox 2015-10-14 09:26 - 2013-06-05 00:40 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-10-14 09:16 - 2013-06-05 10:15 - 00703214 _____ () C:\Windows\system32\perfh007.dat 2015-10-14 09:16 - 2013-06-05 10:15 - 00150822 _____ () C:\Windows\system32\perfc007.dat 2015-10-14 09:16 - 2009-07-14 07:13 - 01629436 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-10-14 09:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-10-14 00:48 - 2014-01-01 12:49 - 00000000 ____D () C:\Users\*****\Documents\Outlook-Dateien 2015-10-13 21:53 - 2015-04-23 20:30 - 00000000 ____D () C:\Users\*****\Documents\simulation 2015-10-13 21:38 - 2015-06-17 16:27 - 00001176 _____ () C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core.job 2015-10-13 20:34 - 2013-09-07 01:14 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core.job 2015-10-13 12:04 - 2013-06-26 18:10 - 00000000 ____D () C:\Users\*****\AppData\Local\Adobe 2015-10-12 13:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-10-11 21:09 - 2015-04-23 18:48 - 00000000 ____D () C:\ProgramData\ProductData 2015-10-10 17:01 - 2015-06-30 17:54 - 00000000 ____D () C:\Figures_Latex 2015-10-08 19:26 - 2015-08-24 13:06 - 00000000 ____D () C:\Text_Latex 2015-10-07 14:38 - 2015-06-23 21:27 - 00002196 _____ () C:\Users\Public\Desktop\Advanced SystemCare 8.lnk 2015-10-04 19:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2015-10-04 17:58 - 2014-11-22 15:10 - 00000000 ____D () C:\ProgramData\Sonos,_Inc 2015-10-04 14:20 - 2015-05-12 09:57 - 
00001964 _____ () C:\Users\Public\Desktop\Sonos.lnk 2015-10-04 14:20 - 2014-11-22 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos 2015-10-04 14:20 - 2014-11-22 15:10 - 00000000 ____D () C:\Program Files (x86)\Sonos 2015-10-04 14:20 - 2013-10-10 12:21 - 00000000 ____D () C:\Users\*****\AppData\Local\Downloaded Installations 2015-10-02 18:31 - 2013-09-21 22:16 - 00000000 ____D () C:\Users\*****\AppData\Roaming\texstudio 2015-10-02 18:11 - 2013-06-26 17:49 - 00000000 ____D () C:\Users\***** 2015-10-01 20:28 - 2013-06-26 23:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-10-01 14:35 - 2013-06-26 17:52 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Nitro PDF 2015-10-01 14:18 - 2015-01-09 01:55 - 00003846 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1420761345 2015-10-01 14:18 - 2013-06-26 19:24 - 00000000 ____D () C:\Program Files (x86)\Opera 2015-09-29 20:41 - 2015-01-14 14:15 - 00000000 ____D () C:\Users\*****\Documents\Zotero Workspace 2015-09-28 22:08 - 2013-06-27 09:24 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2015-09-28 22:08 - 2013-06-27 09:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2015-09-28 22:08 - 2009-07-14 06:45 - 00509784 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-09-28 22:07 - 2015-04-20 11:31 - 00000000 ____D () C:\Windows\system32\appraiser 2015-09-28 22:07 - 2014-04-26 01:33 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-09-28 22:07 - 2011-12-08 22:43 - 00000000 ____D () C:\Program Files\Windows Journal 2015-09-28 22:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2015-09-27 16:23 - 2013-06-27 20:37 - 00007644 _____ () C:\Users\*****\AppData\Local\Resmon.ResmonCfg 2015-09-27 15:53 - 2013-06-26 18:09 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-09-27 15:51 - 2013-06-27 09:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-09-27 
15:48 - 2013-07-15 11:32 - 00000000 ____D () C:\Windows\system32\MRT 2015-09-27 15:36 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini 2015-09-26 14:37 - 2015-06-08 19:43 - 00041352 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klpd.sys 2015-09-25 17:40 - 2015-01-27 23:41 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-09-25 17:40 - 2013-12-14 17:24 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-09-25 17:40 - 2013-12-14 17:24 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-09-16 07:50 - 2013-06-05 00:40 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-09-16 07:50 - 2013-06-05 00:40 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-09-16 07:34 - 2013-06-05 00:44 - 00000000 ____D () C:\Windows\System32\Tasks\TVT 2015-09-16 07:34 - 2013-06-05 00:38 - 00000000 ___HD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo *****Vantage Tools 2015-09-16 07:34 - 2013-06-05 00:34 - 00000000 ____D () C:\Program Files (x86)\Lenovo 2015-09-16 07:34 - 2013-06-04 18:02 - 00000000 ____D () C:\ProgramData\Lenovo 2015-09-15 20:29 - 2013-09-07 01:14 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA 2015-09-15 20:29 - 2013-09-07 01:14 - 00003700 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core Some content of TEMP: ==================== C:\Users\*****\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptytmb4.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-10-13 00:34
==================== End Of Log ============================
--- --- --- |
14.10.2015, 12:44 | #8 |
| Suspicious behavior on Win7 PC, slow, and an unambiguous text message
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-09-2014 Ran by ***** at 2015-10-14 13:40:52 Running from C:\Users\*****\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B} AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Aangifte inkomstenbelasting 2011 (HKLM-x32\...\Aangifte inkomstenbelasting 2011) (Version: - Belastingdienst) Aangifte inkomstenbelasting 2013 (HKLM-x32\...\Aangifte inkomstenbelasting 2013) (Version: - Belastingdienst) ABN AMRO e.dentifier2 software (HKLM-x32\...\{55BF7E3E-F00A-4A3D-BB76-09228B35FFD6}) (Version: 02.00 - ABN AMRO BANK) ActivePerl 5.20.2 Build 2002 (64-bit) (HKLM\...\{C07C5E6C-2225-4668-896C-31A7D105A9BB}) (Version: 5.20.2002 - ActiveState) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 19.0.0.190 - Adobe Systems Incorporated) Hidden Adobe Connect 9 Add-in (HKCU\...\Adobe Connect 9 Add-in) (Version: 11,9,972,8 - Adobe Systems Incorporated) Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated) Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden Adobe Flash Player 
19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.185 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated) Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated) Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.0 - Adobe Systems Incorporated) Adobe Photoshop Elements 12 (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Adobe Refresh Manager (x32 Version: 1.8.0 - Adobe Systems Incorporated) Hidden Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.4.0 - IObit) Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Definition Update for Microsoft Office 2010 (KB3085525) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{3E6026BD-B7B9-486E-BFBF-880733117391}) (Version: - Microsoft) Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - ) Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc) Driver Booster 2.3 (HKLM-x32\...\Driver Booster_is1) (Version: 2.3 - IObit) Dropbox (HKCU\...\Dropbox) (Version: 3.10.7 - Dropbox, Inc.) 
Elements 12 Organizer (x32 Version: 12.0 - Ihr Firmenname) Hidden Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.55 - ) EPSON BX620FWD Series Printer Uninstall (HKLM\...\EPSON BX620FWD Series) (Version: - SEIKO EPSON Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.1.1 - SEIKO EPSON CORPORATION) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) G*Power 3.1.9.2 (HKLM-x32\...\{F9C59D86-6F65-4EDB-89A2-FBA1F78762D2}) (Version: 3.1.92 - Franz Faul, Uni Kiel, Germany) Git version 1.9.5-preview20150319 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community) Google Apps Migration For Microsoft Outlook® 3.4.27.52 (HKLM-x32\...\{65960C6E-BFA2-4FE7-A1BC-8028F3072566}) (Version: 3.4.27.52 - Google, Inc.) Google Apps Sync™ for Microsoft Outlook® 3.7.410.1100 (HKLM-x32\...\{799A7E2B-388F-4BDE-B55B-47AF42C6440A}) (Version: 3.7.410.1100 - Google, Inc.) Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden Hema Fotoalbum (HKCU\...\{83EF9202-135C-4AFC-A083-DE9D09C6BC46}_is1) (Version: - Hema) Hola™ 1.9.510 - Better Internet (HKCU\...\Hola) (Version: 1.9.510 - Hola Networks Ltd.) 
IBM SPSS Statistics 20 (HKLM\...\{2AF8017B-E503-408F-AACE-8A335452CAD2}) (Version: 20.0.0.0 - IBM Corp) inSSIDer 3 (HKLM-x32\...\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}) (Version: 3.0.7.48 - MetaGeek, LLC) Integrated Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.7.31 - SunplusIT) Intel(R) Cloud Access Manager (Version: 1.0.0.0976 - Intel Corporation) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation) Intel(R) PRO/Wireless Driver (Version: 17.13.2000.2036 - Intel Corporation) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3359 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.9.254 - Intel Corporation) Intel(R) WiDi (HKLM\...\{728985C5-A04B-457C-9D62-15360F3EAF85}) (Version: 3.1.29.0 - Intel Corporation) Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Intel® PROSet/Wireless Software (HKLM-x32\...\{9bffdf20-c3a3-4e93-9cbf-61712c6a38be}) (Version: 17.13.2 - Intel Corporation) Intel® PROSet/Wireless WiFi Software (Version: 17.13.1.0452 - Intel Corporation) Hidden Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation) Hidden IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.3.0.118 - IObit) JabRef 2.10 (HKLM-x32\...\JabRef 2.10) (Version: 2.10 - JabRef Team) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) Java Auto Updater (x32 Version: 2.8.45.14 - Oracle Corporation) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - 
Microsoft Corporation) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden Lenovo Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.72.10 - Lenovo) Lenovo App Shop (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 44154 - Intel) Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.13 - ) Lenovo Mobile Broadband Activation (HKLM-x32\...\{A95D9DF7-CF34-421A-A1DC-936A49A4DAEA}) (Version: 4.2.1003.00 - Lenovo Group Limited) Lenovo Patch Utility (HKLM-x32\...\{6E6E7725-C7BC-4C39-8B3F-14B67331A120}) (Version: 1.3.0.9 - Lenovo Group Limited) Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited) Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Peer Connect SDK (HKLM\...\{75C87855-9CBB-4892-B1A9-74C73A19CACA}_is1) (Version: 1.0.0.1 - Lenovo) Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.04 - ) Lenovo QuickControl (HKLM-x32\...\{4855C42F-5197-4AAD-A50D-5066D2CC4647}) (Version: 2.00 - Lenovo Group Limited) Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.) 
Lenovo Solution Center (HKLM\...\{E92E1FF1-B188-43FE-BECA-2248E227E67D}) (Version: 2.8.005.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0007 - Lenovo)
Lenovo USB 2.0 Ethernet Adapter (HKLM-x32\...\{29584513-DC7F-4EB9-8654-7C541DF0DDCE}) (Version: 1.11 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}) (Version: 3.1.0021.00 - Lenovo Group Limited)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Master of Orion 2 (HKLM-x32\...\1207661633_is1) (Version: 2.1.0.18 - GOG.com)
Mendeley Desktop 1.11 (HKLM-x32\...\Mendeley Desktop) (Version: 1.11 - Mendeley Ltd.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Nederlands (HKLM\...\{90150000-001F-0413-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - Nederlands (HKLM-x32\...\{90150000-001F-0413-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.50903 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mobile Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 7.2.5.4 - Ericsson AB)
Mozilla Firefox 41.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.1 (x86 de)) (Version: 41.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.1.5750 - Mozilla)
Mplus Version 7.3 Demo (64-bit) (HKLM\...\{BA273660-8C9F-4835-A906-3B5686BE7AB4}) (Version: 7.3.0 - Muthen & Muthen)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Nitro Pro 7 (HKLM\...\{36710189-55DF-4D75-8B6A-523CC61B7047}) (Version: 7.4.1.4 - Nitro PDF Software)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.3 - Notepad++ Team)
Octoshape Streaming Services (HKCU\...\Octoshape Streaming Services) (Version: - Octoshape ApS)
Opera Stable 32.0.1948.69 (HKLM-x32\...\Opera 32.0.1948.69) (Version: 32.0.1948.69 - Opera Software)
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PSE12 STI Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation)
R for Windows 3.0.1 (HKLM\...\R for Windows 3.0.1_is1) (Version: 3.0.1 - R Core Team)
R for Windows 3.0.3 (HKLM\...\R for Windows 3.0.3_is1) (Version: 3.0.3 - R Core Team)
R for Windows 3.2.0 (HKLM\...\R for Windows 3.2.0_is1) (Version: 3.2.0 - R Core Team)
RapidBoot Shield (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.23 - Lenovo)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7040 - Realtek Semiconductor Corp.)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
RStudio (HKLM-x32\...\RStudio) (Version: 0.98.1103 - RStudio)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 29.5.90191 - Sonos, Inc.)
Spotify (HKCU\...\Spotify) (Version: 1.0.5.178.g885b099b - Spotify AB)
SRWare Iron version SRWare Iron 40.2150.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 40.2150.0 - SRWare)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
TeXnicCenter Version 2.02 Stable (HKLM\...\TeXnicCenter_is1) (Version: 2.02 Stable - The TeXnicCenter Team)
TeXstudio 2.6.2 (HKLM-x32\...\TeXstudio_is1) (Version: 2.6.2 - Benito van der Zander)
*****Pad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4500 - Broadcom Corporation)
*****Pad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.14 - )
*****Vantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.25.65 - Lenovo)
*****Vantage Access Connections (HKLM-x32\...\{A62AEB2B-E2A0-4E77-8AAE-9645FE3B5487}) (Version: 5.95 - Lenovo)
*****Vantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.0.44.0 - Lenovo)
*****Vantage Fingerprint Software (HKLM\...\{F58DA859-016E-492D-A588-317D9BB28002}) (Version: 5.9.9.7282 - Authentec Inc.)
*****Vantage GPS (HKLM-x32\...\{6DB21B2C-2BEF-44B4-B264-8EC2BC2369C6}) (Version: 2.81 - Lenovo)
Update for Microsoft Access 2010 (KB2965300) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{11E3BBC0-B7CA-41E7-BE61-B19AC8E8A136}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2956084) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{B929A12E-CC68-4C4F-854F-EFE15C61A780}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2956084) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{B929A12E-CC68-4C4F-854F-EFE15C61A780}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2956084) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{B929A12E-CC68-4C4F-854F-EFE15C61A780}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2881026) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E9B182C4-9B69-4A42-A799-C145FED67701}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2881026) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{E9B182C4-9B69-4A42-A799-C145FED67701}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{8BEEA2FC-D416-428A-B52A-A3ED45921151}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{8BEEA2FC-D416-428A-B52A-A3ED45921151}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA28304-D86F-4ACA-97FA-D126E0D02416}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA28304-D86F-4ACA-97FA-D126E0D02416}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA28304-D86F-4ACA-97FA-D126E0D02416}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA28304-D86F-4ACA-97FA-D126E0D02416}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA28304-D86F-4ACA-97FA-D126E0D02416}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA28304-D86F-4ACA-97FA-D126E0D02416}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA28304-D86F-4ACA-97FA-D126E0D02416}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA28304-D86F-4ACA-97FA-D126E0D02416}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA28304-D86F-4ACA-97FA-D126E0D02416}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA28304-D86F-4ACA-97FA-D126E0D02416}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7CA28304-D86F-4ACA-97FA-D126E0D02416}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{7CA28304-D86F-4ACA-97FA-D126E0D02416}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA28304-D86F-4ACA-97FA-D126E0D02416}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition (HKLM-x32\...\{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA28304-D86F-4ACA-97FA-D126E0D02416}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA28304-D86F-4ACA-97FA-D126E0D02416}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA28304-D86F-4ACA-97FA-D126E0D02416}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition (HKLM-x32\...\{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA28304-D86F-4ACA-97FA-D126E0D02416}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA28304-D86F-4ACA-97FA-D126E0D02416}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589318) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{091CB6F9-4347-4084-A572-7C320DA7D686}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{A4F91D60-654C-4892-BFD3-0D41ADA649B6}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{0B7744D2-1FDD-4843-9987-7CE11B79F370}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{D1C4AD0B-CC79-41D2-8D6A-571E7B30658C}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{60C9499F-B532-4206-AB19-F88C3A7684D5}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C1954E2B-1672-4E5C-B564-F8CB2D08345B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2965301) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{44F6677A-EC0A-4A4C-8D2D-B640FA1A6A20}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2965301) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{44F6677A-EC0A-4A4C-8D2D-B640FA1A6A20}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB3054873) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9C9636BD-37A7-43F7-BB00-5C7606B42D27}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB3054962) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{1FD09F33-2F6B-4C10-BBA1-31F8FE68F912}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB3054964) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{12B2F697-82C9-49A5-AA11-18806D3B3681}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB3055042) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{548F42CA-61CC-4A49-9963-50124AC7B81D}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB3055047) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B29C45D3-4B2D-4FC2-B072-81E3528E4EE1}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4B217615-025C-4FDB-B511-CA1174FF0F77}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2965297) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{1306C813-D03A-4FB1-AF83-C437CC454655}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2965297) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{1306C813-D03A-4FB1-AF83-C437CC454655}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB3085522) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{42369ADC-5A33-459E-BE1A-060F32A3289C}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB3085522) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA8586B9-BC29-4E59-BA98-2DF7002F256E}) (Version: - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{E7C8C158-9575-4120-AF5E-5CCEF2DD6761}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB3085513) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{81563AA4-D2A7-4B52-9EAF-0471CCDBDF16}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2881021) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{30B9D112-E68C-461D-B370-6D0B6AD61AC6}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB3085518) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2FD7E103-F9AD-41FD-8411-B0BCF6A7C38B}) (Version: - Microsoft)
VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.5.13 - VeriSign)
Widevine Media Optimizer Chrome 6.0.0 (HKCU\...\optimizer_chrome) (Version: 6.0.0.12442 - Widevine Technologies)
Widevine Media Optimizer Chrome 6.0.0 (HKLM-x32\...\optimizer_chrome) (Version: 6.0.0.12442 - Widevine Technologies)
Widevine Media Optimizer IE 6.0.0 (HKCU\...\optimizer_ie) (Version: 6.0.0.12757 - Widevine Technologies)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Intel (ISCT) System (08/23/2011 1.0.5.0) (HKLM\...\8D1FA6162A87496A05284A0C76A3B76705965B62) (Version: 08/23/2011 1.0.5.0 - Intel)
Windows-Treiberpaket - Intel System (01/11/2012 9.3.0.1020) (HKLM\...\09839A9B5EDA69DA2DCC34637B5140AAF8A53B44) (Version: 01/11/2012 9.3.0.1020 - Intel)
Windows-Treiberpaket - Intel System (08/26/2011 9.3.0.1011) (HKLM\...\9D7CD466F7FC8B18FF1B84943B7BB8648D17FCE8) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Intel System (08/26/2011 9.3.0.1011) (HKLM\...\D8EF6CACF49BD33CC1FACD124C8CC2B1A8E8AE35) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Intel USB (08/26/2011 9.3.0.1011) (HKLM\...\97EE1802A0385A37DE6323FA39EC76BEB2D73E41) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20) (HKLM\...\E3535F123E7F666D573665142F90D3E5004DC326) (Version: 02/29/2012 1.65.05.20 - Lenovo)
Windows-Treiberpaket - Synaptics (SmbDrv) System (07/05/2012 16.2.5.0) (HKLM\...\99334E0BAA64ED1D117794050F2AA7D3951D9A7D) (Version: 07/05/2012 16.2.5.0 - Synaptics)
Windows-Treiberpaket - Synaptics (SynTP) Mouse (07/05/2012 16.2.5.0) (HKLM\...\0395D83D6A2C0E110509B9E80E9BC5F29238FA82) (Version: 07/05/2012 16.2.5.0 - Synaptics)
Zotero Standalone 4.0.23 (x86 en-US) (HKLM-x32\...\Zotero Standalone 4.0.23 (x86 en-US)) (Version: 4.0.23 - Zotero)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()

==================== Restore Points =========================

04-10-2015 17:54:51 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-09-16 01:26 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05C78976-EF75-4798-8EDF-5F59FD4E9D1D} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-08-17] (Lenovo)
Task: {0604997D-52D6-4514-AE28-F1DE449BF276} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {06AB8E71-ABA9-47C7-B557-69E305623749} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2015-03-30] (IObit)
Task: {14C5DB43-8759-4386-BDF6-D7DB4EE050F6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => C:\Windows\system32\GWX\GWX.exe [2015-07-04] (Microsoft Corporation)
Task: {15E54213-25DC-4EEE-963D-5B277FB39A42} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-07-04] (Microsoft Corporation)
Task: {16D76F82-AC80-4041-BCAC-6798F30CD84B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {23E62AD8-63C7-49C4-8D88-568E37D12038} - System32\Tasks\{E661EA14-4831-4DC9-BA24-1F58FD3A9520} => C:\Users\*****\Downloads\alfatest.exe [2015-05-12] ()
Task: {2EB5F894-5754-434D-B73F-4BE8864AA087} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-04-07] (IObit)
Task: {32E5EF1F-DFA7-43CA-8A01-A290BD4CAE95} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => C:\Windows\system32\GWX\GWX.exe [2015-07-04] (Microsoft Corporation)
Task: {3A398B3D-4A65-49EB-B38D-0A09895A2250} - System32\Tasks\Opera scheduled Autoupdate 1420761345 => C:\Program Files (x86)\Opera\launcher.exe [2015-09-25] (Opera Software)
Task: {3BE8FE16-AE70-4EA6-9C99-216409250166} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {4BC11159-3024-4A72-92F4-9637CFDA69A6} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-08-27] ()
Task: {4C2A1E4A-C7EE-470D-9958-CC358E92291E} - System32\Tasks\Driver Booster SkipUAC (*****) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-04-07] (IObit)
Task: {4D921DAC-9A08-4581-852D-45C2A781DF67} - System32\Tasks\AdobeAAMUpdater-1.0-*****-***** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {4ED24D9E-64F9-4EFD-8D62-2A46AB7FD6F4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {4F0B2C63-178B-4C1D-88EF-0D7A2CB6FF59} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {5101C02D-4ACA-41E8-A6F5-210953BD81F2} - System32\Tasks\{9F4FBCB7-441F-4042-8998-402A08F71CD7} => C:\Users\*****\Downloads\alfatest.exe [2015-05-12] ()
Task: {51106FB8-A26A-49B7-B2C7-CF490CDC4CAB} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-07-04] (Microsoft Corporation)
Task: {51527F61-8136-4602-9BBD-7F6A3386DE9E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-25] (Adobe Systems Incorporated)
Task: {516DE39E-4BC8-46DC-98B3-4E384F30F3C3} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {544E4E1D-B75D-4BB3-A0C9-D1FF08669CC2} - System32\Tasks\{96C4092B-3E36-4FFF-A252-679948D94E24} => C:\Users\*****\Downloads\alfatest.exe [2015-05-12] ()
Task: {7919D72C-61BF-4D32-B4B1-611567EE8130} - System32\Tasks\ASC8_SkipUac_***** => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-08-13] (IObit)
Task: {7A94AD62-0252-460D-9461-2AECDE893A62} - System32\Tasks\{B5103088-5AA1-4ED1-B052-EE1CD81AA67F} => C:\Users\*****\Downloads\alfatest.exe [2015-05-12] ()
Task: {7D8E856A-0023-450E-BD31-1D1A7FE3191B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => C:\Windows\system32\GWX\GWX.exe [2015-07-04] (Microsoft Corporation)
Task: {7ED977C3-E5A3-4DF8-A891-8CAC05FDC42C} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-17] ()
Task: {81950FA3-3AF2-4847-B96B-94549F81FE8A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {87B99F39-997D-4779-8463-8CD302544AD5} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2015-08-12] (IObit)
Task: {8B1A1E8D-C0C0-4103-A1F3-3F622D197ACF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {8BA7A521-2EDE-4A9A-A6C4-3A2B99F3C353} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-08-17] (Lenovo)
Task: {9994E4F1-4B7E-483A-8A3C-1F1F92BD0591} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-07-04] (Microsoft Corporation)
Task: {A0C547F0-617C-40D8-9079-033C06E2AFA0} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-17] ()
Task: {A66A4169-D399-41CB-8193-6621E49CB98E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A9A553D2-A554-44FC-95C8-5FA6297B2471} - System32\Tasks\{396E50AE-0DBA-4615-A96F-CFE4DC2D9EF1} => C:\Users\*****\Downloads\alfatest.exe [2015-05-12] ()
Task: {ACA06C7F-29C4-4B82-9EE4-5D7963A33E65} - System32\Tasks\{7389CD34-2D3B-4788-99E0-2FA2C4B12C48} => C:\Users\*****\Downloads\alfatest.exe [2015-05-12] ()
Task: {B016E349-BC35-4138-B43D-76900FE14EF0} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-07-04] (Microsoft Corporation)
Task: {B150C204-EABC-4EC4-B124-C101C945B990} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Time-5d => C:\Windows\system32\GWX\GWX.exe [2015-07-04] (Microsoft Corporation)
Task: {B778BFB7-60B7-4B81-BC9F-5C3402844DC0} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => C:\Windows\system32\GWX\GWX.exe [2015-07-04] (Microsoft Corporation)
Task: {BD88E10A-9E69-4A8C-B39C-203527DCC6DA} - System32\Tasks\Uninstaller_SkipUac_***** => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-04-23] (IObit)
Task: {CE9FB232-A20A-4B40-BDDE-6185834DBC42} - System32\Tasks\{1D30A00C-6ED6-4D93-B8A1-4E559F3B335B} => C:\Users\*****\Downloads\alfatest.exe [2015-05-12] ()
Task: {D2A57E6F-F90F-4E0A-8870-20C421B5B0C3} - System32\Tasks\{BC072FDB-9C95-45AD-8328-17D7B8A4868E} => C:\Users\*****\Downloads\alfatest.exe [2015-05-12] ()
Task: {D2AFAEDB-6B58-4F26-8B50-438E4452E081} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => C:\Windows\system32\GWX\GWX.exe [2015-07-04] (Microsoft Corporation)
Task: {D63B89A4-B7CE-47C3-9233-92909828A987} - System32\Tasks\{010A5FF7-A151-4825-B0EA-879607C5D583} => C:\Users\*****\Downloads\alfatest.exe [2015-05-12] ()
Task: {D7CDE812-B353-455D-8286-DE0FC7CFEE28} - System32\Tasks\{D82A1DC1-78A4-4231-BB44-53D94432F129} => C:\Users\*****\Downloads\alfatest.exe [2015-05-12] ()
Task: {DE14A80B-A5D4-4B76-BADF-DF7A8A97D698} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {DE225219-FCE1-4AFF-8337-76007213F971} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-08-17] (Lenovo)
Task: {FAD79EA4-A58E-44D5-ABE1-D8703FC95E8A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-07-04] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core.job => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA.job => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-06-05 00:37 - 2012-03-19 08:09 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2013-06-05 00:38 - 2011-08-02 04:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2013-06-05 00:38 - 2011-08-02 04:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2013-06-05 00:36 - 2011-07-13 10:10 - 00065576 ____R () C:\Program Files (x86)\Mobile Broadband drivers\WMCore\MBMDebug.dll
2013-06-27 10:41 - 2013-05-13 15:15 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-04-23 18:50 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll
2015-10-14 09:26 - 2015-10-14 09:26 - 00071168 _____ () c:\users\*****\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptytmb4.dll
2015-03-04 23:45 - 2015-09-24 01:07 - 00012800 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-09-24 01:07 - 00779776 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-08-17 13:27 - 2015-09-24 01:07 - 00056320 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 23:45 - 2015-09-24 01:07 - 00012288 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-03-04 23:45 - 2015-09-24 01:06 - 00056320 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-09-24 01:06 - 01128448 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2013-06-05 00:41 - 2013-06-19 20:10 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2013-06-05 00:41 - 2013-06-19 20:10 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2013-06-05 00:41 - 2013-06-19 20:10 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2013-06-05 00:41 - 2013-06-19 20:10 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2013-06-05 00:41 - 2013-06-19 20:10 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2013-06-05 00:41 - 2013-06-19 20:10 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2013-06-05 00:41 - 2013-06-19 20:10 - 00020480 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2013-06-05 00:41 - 2013-06-19 20:10 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2013-06-05 00:41 - 2013-06-19 20:10 - 00064512 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\AdwCleaner:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Boot:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Causal model.pptx:com.dropbox.attributes
AlternateDataStreams: C:\Causal_model_small.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Config.Msi:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Documents and Settings:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Dokumente und Einstellungen:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\DRIVERS:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\FRST:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Intel:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\mfg:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\MSOCache:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\PerfLogs:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Program Files:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Program Files (x86):IMAT__DS_DIR_HDR
AlternateDataStreams: C:\ProgramData:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Programme:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\swshare:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\SWTOOLS:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\System Volume Information:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\table1.png:com.dropbox.attributes
AlternateDataStreams: C:\Temp:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Workspace 
R:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\All Users:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\Default:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\Default User:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\Public:IMAT__DS_DIR_HDR AlternateDataStreams: C:\Users\*****:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Adobe:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Anwendungsdaten:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Application Data:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Brother:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Cisco:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Desktop:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Documents:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Dokumente:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Downloaded Installations:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\EPSON:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Favoriten:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Favorites:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\FileOpen:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\IDM:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Intel:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Lenovo:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\MacheenService:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Malwarebytes:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\McAfee:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Microsoft:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Microsoft Help:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Mozilla:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Nitro PDF:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Norton:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\NortonInstaller:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Oracle:IMAT__DS_DIR_HDR AlternateDataStreams: 
C:\ProgramData\Package Cache:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\regid.1986-12.com.adobe:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\SafeNet Sentinel:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Samsung:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Simply Super Software:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Skype:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Sophos:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\SPSS:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Spybot - Search & Destroy:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Start Menu:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Startmenü:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Sun:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\TEMP:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Templates:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Vorlagen:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programme:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EpsonNet:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel:IMAT__DS_DIR_HDR AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation:IMAT__DS_DIR_HDR 
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo App Shop:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo *****Vantage Tools:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeXstudio:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Anwendungsdaten:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\AppData:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Application Data:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Desktop:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Documents:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Downloads:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Druckumgebung:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Eigene Dateien:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Favorites:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Links:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Local Settings:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Lokale Einstellungen:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Music:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\My Documents:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\NetHood:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Netzwerkumgebung:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Pictures:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\PrintHood:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Recent:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Roaming:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Saved Games:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\SendTo:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Start Menu:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Startmenü:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Templates:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Videos:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Vorlagen:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\AppData\Local:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\AppData\Roaming:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\AppData\Roaming\IMAT:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\AppData\Roaming\Macromedia:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\AppData\Roaming\Media Center Programs:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\AppData\Roaming\Microsoft:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\AppData\Local\Anwendungsdaten:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\AppData\Local\Application Data:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\AppData\Local\History:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\AppData\Local\Microsoft:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\AppData\Local\Microsoft Help:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\AppData\Local\Temporary Internet Files:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\AppData\Local\Verlauf:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Documents\Eigene Bilder:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Documents\Eigene Musik:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Documents\Eigene Videos:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Documents\My Music:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Documents\My Pictures:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\Documents\My Videos:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default User\AppData\Local:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default User\AppData\Roaming:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default User\AppData\Roaming\IMAT:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default User\AppData\Roaming\Macromedia:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default User\AppData\Roaming\Media Center Programs:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default User\AppData\Roaming\Microsoft:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default User\AppData\Local\Anwendungsdaten:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default User\AppData\Local\Application Data:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default User\AppData\Local\History:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default User\AppData\Local\Microsoft:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default User\AppData\Local\Microsoft Help:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default User\AppData\Local\Temporary Internet Files:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default User\AppData\Local\Verlauf:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default User\Documents\Eigene Bilder:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default User\Documents\Eigene Musik:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default User\Documents\Eigene Videos:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default User\Documents\My Music:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default User\Documents\My Pictures:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default User\Documents\My Videos:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Public\Desktop:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Public\Documents:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Public\Downloads:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Public\Favorites:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Public\Lenovo:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Public\Libraries:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Public\Music:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Public\Pictures:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Public\Recorded TV:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Public\Roaming:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Public\Symantec:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Public\Videos:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Public\Downloads\Norton:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Public\Documents\CrashDump:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Public\Documents\Eigene Bilder:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Public\Documents\Eigene Musik:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Public\Documents\Eigene Videos:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Public\Documents\My Music:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Public\Documents\My Pictures:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Public\Documents\My Videos:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\Public\Documents\NativeFus_Log:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\.spss:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Anwendungsdaten:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Application Data:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Contacts:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Cookies:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Desktop:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Documents:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Downloads:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Dropbox:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Druckumgebung:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Eigene Dateien:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Favorites:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Links:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Lokale Einstellungen:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Music:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Netzwerkumgebung:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Pictures:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Recent:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Roaming:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Saved Games:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Searches:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\SendTo:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Startmenü:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Videos:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Vorlagen:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Downloads\Adobe Photoshop Elements 12:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Downloads\Latex:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Downloads\mflpro:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Downloads\Microsoft Office Professional Plus 2013 32-bit (German):IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\LocalLow:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\Adobe:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\CoSoSys:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\Dropbox:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\EPSON:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\FileOpen:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\Identities:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\IDM:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\Intel:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\LavasoftStatistics:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\Leadertech:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\Lenovo:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\Macromedia:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\Malwarebytes:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\Media Center Programs:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\Microsoft:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\Mozilla:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\MyPhoneExplorer:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\Nitro PDF:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\Notepad++:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\Opera:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\PDAppFlex:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\PwrMgr:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\Samsung:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\Skype:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\Spotify:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\texstudio:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\Adobe:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\Anwendungsdaten:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\Broadcom:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\Cisco:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\Diagnostics:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\Downloaded Installations:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\ElevatedDiagnostics:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\Google:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\GPSENABLER:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\Hema Fotoalbum:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\IBM:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\javasharedresources:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\Lenovo:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\LSC:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\Macromedia:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\MetaGeek,_LLC:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\Microsoft:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\Microsoft Help:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\MobileAccess:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\Mozilla:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\ms-drivers:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\Opera:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\PDF24:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\Programs:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\RStudio-Desktop.bu:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\Samsung:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\Spotify:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\Temp:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\Temporary Internet Files:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\VeriSign:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\Verlauf:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Local\VirtualStore:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Documents\Amsterdam:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Documents\Bewerbungen:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Documents\Bluetooth-Exchange-Ordner:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Documents\Eigene Bilder:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Documents\Eigene Musik:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Documents\Eigene Videos:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Documents\Finanzen:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Documents\Hema Fotoalbum:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Documents\R:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Documents\samsung:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Documents\Security Copy Dropbox:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Documents\SPSSInc:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\Documents\Studium:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programme:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hema Fotoalbum:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetaGeek:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++:IMAT__DS_DIR_HDR
AlternateDataStreams: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup:IMAT__DS_DIR_HDR

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: AcWin7Hlpr => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: Google Update => "C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Integrated Camera_Monitor => C:\Program Files (x86)\Integrated Camera\monitor.exe
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LENOVO.TPKNRRES => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
MSCONFIG\startupreg: LenovoNal => C:\Program Files\Lenovo\Lenovo Peer Connect\NalService.exe
MSCONFIG\startupreg: Octoshape Streaming Services => "C:\Users\*****\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: PWMTRV => rundll32 C:\PROGRA~2\*****Pad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-1480473739-3576749651-3455334848-500 - Disabled - Status: Degraded)
Gast (S-1-5-21-1480473739-3576749651-3455334848-501 - Disabled - Status: Degraded)
HomeGroupUser$ (S-1-5-21-1480473739-3576749651-3455334848-1004 - Enabled - Status: OK)
***** (S-1-5-21-1480473739-3576749651-3455334848-1000 - Enabled - Status: OK) => C:\Users\*****

==================== Faulty Device Manager Devices =============

Name: Lenovo Connect Device 1.0
Description: Lenovo Connect Device 1.0
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (10/14/2015 00:56:09 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (10/14/2015 00:56:09 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (10/14/2015 00:56:09 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (10/14/2015 00:56:09 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=23, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0

Error: (10/14/2015 00:56:09 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=21, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0

Error: (10/14/2015 00:56:09 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=18, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0

Error: (10/14/2015 10:19:53 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (10/14/2015 10:19:53 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (10/14/2015 10:19:53 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (10/14/2015 10:19:53 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=23, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0

System errors:
=============
Error: (10/14/2015 00:56:14 PM) (Source: SCardSvr) (EventID: 610) (User: )
Description: Das Gerät erkennt den Befehl nicht.Mobile Broadband SIM Card Reader 0GET_STATEXX XX XX XX

Error: (10/14/2015 10:19:55 AM) (Source: SCardSvr) (EventID: 610) (User: )
Description: Das Gerät erkennt den Befehl nicht.Mobile Broadband SIM Card Reader 0GET_STATEXX XX XX XX

Error: (10/14/2015 09:10:22 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom

Error: (10/14/2015 09:10:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SMI Helper Driver (smihlp2)" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (10/12/2015 03:56:24 PM) (Source: SCardSvr) (EventID: 610) (User: )
Description: Das Gerät erkennt den Befehl nicht.Mobile Broadband SIM Card Reader 0GET_STATEXX XX XX XX

Error: (10/12/2015 03:56:23 PM) (Source: SCardSvr) (EventID: 616) (User: )
Description: Das Gerät erkennt den Befehl nicht.Mobile Broadband SIM Card Reader 0

Error: (10/12/2015 03:56:23 PM) (Source: SCardSvr) (EventID: 612) (User: )
Description: Das Gerät erkennt den Befehl nicht.
Error: (10/12/2015 03:56:23 PM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Das Gerät erkennt den Befehl nicht.Mobile Broadband SIM Card Reader 0POWER00 00 00 00 Error: (10/12/2015 03:56:23 PM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Der E/A-Vorgang wurde wegen eines Threadendes oder einer Anwendungsanforderung abgebrochen.Mobile Broadband SIM Card Reader 0POWER00 00 00 00 Error: (10/12/2015 03:24:33 PM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Das Gerät erkennt den Befehl nicht.Mobile Broadband SIM Card Reader 0GET_STATEXX XX XX XX Microsoft Office Sessions: ========================= Error: (10/14/2015 00:56:09 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Eap method DLL path43900 Error: (10/14/2015 00:56:09 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Eap method DLL path25900 Error: (10/14/2015 00:56:09 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Eap method DLL path17900 Error: (10/14/2015 00:56:09 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Eap method DLL path23808600 Error: (10/14/2015 00:56:09 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Eap method DLL path21808600 Error: (10/14/2015 00:56:09 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Eap method DLL path18808600 Error: (10/14/2015 10:19:53 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Eap method DLL path43900 Error: (10/14/2015 10:19:53 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Eap method DLL path25900 Error: (10/14/2015 10:19:53 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Eap method DLL path17900 Error: (10/14/2015 10:19:53 AM) (Source: Microsoft-Windows-EapHost) 
(EventID: 2002) (User: NT-AUTORITÄT) Description: Eap method DLL path23808600 CodeIntegrity Errors: =================================== Date: 2015-10-14 13:00:56.666 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-13 22:30:40.523 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-12 23:07:20.392 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-12 23:06:06.192 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-12 23:04:39.796 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-12 22:24:56.431 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-12 22:10:28.089 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2015-10-12 22:10:22.110 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-12 22:09:13.243 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-12 19:07:40.613 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-3667U CPU @ 2.00GHz Percentage of memory in use: 34% Total physical RAM: 7888.9 MB Available physical RAM: 5136.21 MB Total Pagefile: 15776 MB Available Pagefile: 12706.61 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: (Windows7_OS) (Fixed) (Total:200.43 GB) (Free:37.7 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive q: (Lenovo_Recovery) (Fixed) (Total:13.67 GB) (Free:3.23 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 223.6 GB) (Disk ID: B605DD09) Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=200.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=8 GB) - (Type=84) ==================== End Of Log ============================ |
14.10.2015, 19:45 | #9 |
/// the machine /// TB trainer | Suspicious behavior on Win7 PC, slow, and an unambiguous text message Just continue with Combofix as described above.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
16.10.2015, 13:20 | #10 |
| Suspicious behavior on Win7 PC, slow, and an unambiguous text message Hello Schrauber, The problem of my keyboard switching itself off has been occurring more often lately. Is there already an explanation for it? I ran Combofix. The scan took about 50 minutes. After the restart, while the log file was being created, an error message was displayed, as follows: "ToolB-Orph03-X64 kann nicht exportiert werden. Fehler beim öffnen der Datei. Mögliche Ursache ist ein Datenträger- oder Dateisystemfehler." I confirmed the message with OK. Shortly afterwards the log file was displayed. Here it is: Code:
ATTFilter ComboFix 15-10-15.01 - ****** 16.10.2015 13:20:15.2.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.7889.5934 [GMT 2:00] ausgeführt von:: c:\users\******\Desktop\ComboFix.exe AV: Kaspersky Internet Security *Disabled/Updated* {B41C7598-35F6-4D89-7D0E-7ADE69B4047B} FW: Kaspersky Internet Security *Disabled* {8C27F4BD-7F99-4CD1-5651-D3EB97674300} SP: Kaspersky Internet Security *Disabled/Updated* {0F7D947C-13CC-4207-47BE-41AC12334EC6} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\Lenovo\Lenovo Solution Center\Microsoft Fix it\FixitUi\_desktop.ini c:\programdata\Roaming c:\users\******\AppData\Local\Adobe\downloader.dll . ----- Datei Replikatoren ----- . c:\program files (x86)\Git\libexec\git-core\git-add.exe c:\program files (x86)\Git\libexec\git-core\git-annotate.exe c:\program files (x86)\Git\libexec\git-core\git-apply.exe c:\program files (x86)\Git\libexec\git-core\git-archive.exe c:\program files (x86)\Git\libexec\git-core\git-bisect--helper.exe c:\program files (x86)\Git\libexec\git-core\git-blame.exe c:\program files (x86)\Git\libexec\git-core\git-branch.exe c:\program files (x86)\Git\libexec\git-core\git-bundle.exe c:\program files (x86)\Git\libexec\git-core\git-cat-file.exe c:\program files (x86)\Git\libexec\git-core\git-check-attr.exe c:\program files (x86)\Git\libexec\git-core\git-check-ignore.exe c:\program files (x86)\Git\libexec\git-core\git-check-mailmap.exe c:\program files (x86)\Git\libexec\git-core\git-check-ref-format.exe c:\program files (x86)\Git\libexec\git-core\git-checkout-index.exe c:\program files (x86)\Git\libexec\git-core\git-checkout.exe c:\program files (x86)\Git\libexec\git-core\git-cherry-pick.exe c:\program files (x86)\Git\libexec\git-core\git-cherry.exe c:\program files 
(x86)\Git\libexec\git-core\git-clean.exe c:\program files (x86)\Git\libexec\git-core\git-clone.exe c:\program files (x86)\Git\libexec\git-core\git-column.exe c:\program files (x86)\Git\libexec\git-core\git-commit-tree.exe c:\program files (x86)\Git\libexec\git-core\git-commit.exe c:\program files (x86)\Git\libexec\git-core\git-config.exe c:\program files (x86)\Git\libexec\git-core\git-count-objects.exe c:\program files (x86)\Git\libexec\git-core\git-credential.exe c:\program files (x86)\Git\libexec\git-core\git-describe.exe c:\program files (x86)\Git\libexec\git-core\git-diff-files.exe c:\program files (x86)\Git\libexec\git-core\git-diff-index.exe c:\program files (x86)\Git\libexec\git-core\git-diff-tree.exe c:\program files (x86)\Git\libexec\git-core\git-diff.exe c:\program files (x86)\Git\libexec\git-core\git-fast-export.exe c:\program files (x86)\Git\libexec\git-core\git-fetch-pack.exe c:\program files (x86)\Git\libexec\git-core\git-fetch.exe c:\program files (x86)\Git\libexec\git-core\git-fmt-merge-msg.exe c:\program files (x86)\Git\libexec\git-core\git-for-each-ref.exe c:\program files (x86)\Git\libexec\git-core\git-format-patch.exe c:\program files (x86)\Git\libexec\git-core\git-fsck-objects.exe c:\program files (x86)\Git\libexec\git-core\git-fsck.exe c:\program files (x86)\Git\libexec\git-core\git-gc.exe c:\program files (x86)\Git\libexec\git-core\git-get-tar-commit-id.exe c:\program files (x86)\Git\libexec\git-core\git-grep.exe c:\program files (x86)\Git\libexec\git-core\git-hash-object.exe c:\program files (x86)\Git\libexec\git-core\git-help.exe c:\program files (x86)\Git\libexec\git-core\git-index-pack.exe c:\program files (x86)\Git\libexec\git-core\git-init-db.exe c:\program files (x86)\Git\libexec\git-core\git-init.exe c:\program files (x86)\Git\libexec\git-core\git-log.exe c:\program files (x86)\Git\libexec\git-core\git-ls-files.exe c:\program files (x86)\Git\libexec\git-core\git-ls-remote.exe c:\program files (x86)\Git\libexec\git-core\git-ls-tree.exe 
c:\program files (x86)\Git\libexec\git-core\git-mailinfo.exe c:\program files (x86)\Git\libexec\git-core\git-mailsplit.exe c:\program files (x86)\Git\libexec\git-core\git-merge-base.exe c:\program files (x86)\Git\libexec\git-core\git-merge-file.exe c:\program files (x86)\Git\libexec\git-core\git-merge-index.exe c:\program files (x86)\Git\libexec\git-core\git-merge-ours.exe c:\program files (x86)\Git\libexec\git-core\git-merge-recursive.exe c:\program files (x86)\Git\libexec\git-core\git-merge-subtree.exe c:\program files (x86)\Git\libexec\git-core\git-merge-tree.exe c:\program files (x86)\Git\libexec\git-core\git-merge.exe c:\program files (x86)\Git\libexec\git-core\git-mktag.exe c:\program files (x86)\Git\libexec\git-core\git-mktree.exe c:\program files (x86)\Git\libexec\git-core\git-mv.exe c:\program files (x86)\Git\libexec\git-core\git-name-rev.exe c:\program files (x86)\Git\libexec\git-core\git-notes.exe c:\program files (x86)\Git\libexec\git-core\git-pack-objects.exe c:\program files (x86)\Git\libexec\git-core\git-pack-redundant.exe c:\program files (x86)\Git\libexec\git-core\git-pack-refs.exe c:\program files (x86)\Git\libexec\git-core\git-patch-id.exe c:\program files (x86)\Git\libexec\git-core\git-prune-packed.exe c:\program files (x86)\Git\libexec\git-core\git-prune.exe c:\program files (x86)\Git\libexec\git-core\git-push.exe c:\program files (x86)\Git\libexec\git-core\git-read-tree.exe c:\program files (x86)\Git\libexec\git-core\git-receive-pack.exe c:\program files (x86)\Git\libexec\git-core\git-reflog.exe c:\program files (x86)\Git\libexec\git-core\git-remote-ext.exe c:\program files (x86)\Git\libexec\git-core\git-remote-fd.exe c:\program files (x86)\Git\libexec\git-core\git-remote.exe c:\program files (x86)\Git\libexec\git-core\git-repack.exe c:\program files (x86)\Git\libexec\git-core\git-replace.exe c:\program files (x86)\Git\libexec\git-core\git-rerere.exe c:\program files (x86)\Git\libexec\git-core\git-reset.exe c:\program files 
(x86)\Git\libexec\git-core\git-rev-list.exe c:\program files (x86)\Git\libexec\git-core\git-rev-parse.exe c:\program files (x86)\Git\libexec\git-core\git-revert.exe c:\program files (x86)\Git\libexec\git-core\git-rm.exe c:\program files (x86)\Git\libexec\git-core\git-send-pack.exe c:\program files (x86)\Git\libexec\git-core\git-shortlog.exe c:\program files (x86)\Git\libexec\git-core\git-show-branch.exe c:\program files (x86)\Git\libexec\git-core\git-show-ref.exe c:\program files (x86)\Git\libexec\git-core\git-show.exe c:\program files (x86)\Git\libexec\git-core\git-stage.exe c:\program files (x86)\Git\libexec\git-core\git-status.exe c:\program files (x86)\Git\libexec\git-core\git-stripspace.exe c:\program files (x86)\Git\libexec\git-core\git-symbolic-ref.exe c:\program files (x86)\Git\libexec\git-core\git-tag.exe c:\program files (x86)\Git\libexec\git-core\git-unpack-file.exe c:\program files (x86)\Git\libexec\git-core\git-unpack-objects.exe c:\program files (x86)\Git\libexec\git-core\git-update-index.exe c:\program files (x86)\Git\libexec\git-core\git-update-ref.exe c:\program files (x86)\Git\libexec\git-core\git-update-server-info.exe c:\program files (x86)\Git\libexec\git-core\git-upload-archive.exe c:\program files (x86)\Git\libexec\git-core\git-var.exe c:\program files (x86)\Git\libexec\git-core\git-verify-pack.exe c:\program files (x86)\Git\libexec\git-core\git-verify-tag.exe c:\program files (x86)\Git\libexec\git-core\git-whatchanged.exe c:\program files (x86)\Git\libexec\git-core\git-write-tree.exe c:\program files (x86)\Git\libexec\git-core\git.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\afm2afm.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\arlatex.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\authorindex.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\autoinst.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\bib2xhtml.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\bibdoiadd.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\bibhtml.exe 
c:\program files (x86)\MiKTeX 2.9\miktex\bin\bibzbladd.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\biokey2html.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\biokey2html1.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\biokey2html2.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\biokey2html3.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\birm.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\bundledoc.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\cmap2enc.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\creatdtx.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\csvtools.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\ctanify.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\ctanupload.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\dad-to-utf8.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\dosepsbin.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\dumphint.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\eps2eps.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\etexdef.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\exceltex.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\extractres.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\feynmf.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\fig4latex.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\findhyph.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\font2afm.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\font2c.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\fullref.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\gsbj.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\gsdj.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\gsdj500.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\gslj.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\gslp.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\gsnd.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\gsndt.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\gssetgs.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\gst.exe c:\program files (x86)\MiKTeX 
2.9\miktex\bin\gstt.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\ht.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\htcontext.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\htcopy.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\htlatex.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\htmex.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\htmove.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\httex.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\httexi.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\htxelatex.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\htxetex.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\ibyhyph.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\internal\runbat.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\internal\runperl.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\latex-git-log.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\latexdef.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\latexdiff-fast.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\latexdiff-so.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\latexdiff-vc.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\latexdiff.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\latexindent.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\latexmk.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\latexpand.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\latexrevise.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\lp386.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\lp386r2.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\lpgs.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\lpr2.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\ltx2crossrefxml.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\ltximg.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\lualatexdef.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\luatexdef.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\makedtx.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\makeglossaries.exe c:\program files (x86)\MiKTeX 
2.9\miktex\bin\makejmlrbook.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\mathspic.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\mathspic113.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\mf2pt1.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\mk4ht.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\mkjobtexmf.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\mkt1font.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\mptopdf.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\OOopict.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\orderrefs.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\ot2kpx.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\pdf2dsc.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\pdf2ps.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\pdfatfi.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\pdfcrop.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\pdflatexdef.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\pdfopt.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\pdftexdef.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\pedigree.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\perltex.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\pf2afm.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\pfbtopfa.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\pfm2kpx.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\pftogsf.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\pkfix-helper.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\pkfix.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\pn2pdf.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\ps2ascii.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\ps2epsi.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\ps2pdf.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\ps2pdf12.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\ps2pdf13.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\ps2pdf14.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\ps2pdfxx.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\ps2ps.exe c:\program 
files (x86)\MiKTeX 2.9\miktex\bin\ps2ps2.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\ps4pdf.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\psjoin.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\pst2pdf.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\rcsinfo.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\showglyphs.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\splitindex.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\sty2dtx.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\svn-multi.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\texcount.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\texdef.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\texdiff.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\texdirflatten.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\texfot.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\texindy.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\thumbpdf.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\urlbst.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\utf8-to-dad.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\vpe.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\vpl2ovp.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\vpl2vpl.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\wmakebat.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\xdv2pdf_mergemarks.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\xelatexdef.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\xetexdef.exe c:\program files (x86)\MiKTeX 2.9\miktex\bin\xindy.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\bin\git-receive-pack.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\bin\git-upload-archive.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\bin\git.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-add.exe 
c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-annotate.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-apply.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-archive.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-bisect--helper.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-blame.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-branch.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-bundle.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-cat-file.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-check-attr.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-check-ignore.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-check-mailmap.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-check-ref-format.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-checkout-index.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-checkout.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-cherry-pick.exe 
c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-cherry.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-clean.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-clone.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-column.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-commit-tree.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-commit.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-config.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-count-objects.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-credential.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-describe.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-diff-files.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-diff-index.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-diff-tree.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-diff.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-fast-export.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-fetch-pack.exe 
c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-fetch.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-fmt-merge-msg.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-for-each-ref.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-format-patch.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-fsck-objects.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-fsck.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-gc.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-get-tar-commit-id.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-grep.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-hash-object.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-help.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-index-pack.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-init-db.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-init.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-log.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-ls-files.exe 
c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-ls-remote.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-ls-tree.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-mailinfo.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-mailsplit.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-merge-base.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-merge-file.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-merge-index.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-merge-ours.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-merge-recursive.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-merge-subtree.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-merge-tree.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-merge.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-mktag.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-mktree.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-mv.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-name-rev.exe 
c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-notes.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-pack-objects.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-pack-redundant.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-pack-refs.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-patch-id.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-prune-packed.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-prune.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-push.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-read-tree.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-receive-pack.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-reflog.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-remote-ext.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-remote-fd.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-remote.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-repack.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-replace.exe 
c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-rerere.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-reset.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-rev-list.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-rev-parse.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-revert.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-rm.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-send-pack.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-shortlog.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-show-branch.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-show-ref.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-show.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-stage.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-status.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-stripspace.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-symbolic-ref.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-tag.exe 
c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-unpack-file.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-unpack-objects.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-update-index.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-update-ref.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-update-server-info.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-upload-archive.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-var.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-verify-pack.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-verify-tag.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-whatchanged.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git-write-tree.exe c:\users\******\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\libexec\git-core\git.exe . . ((((((((((((((((((((((( Dateien erstellt von 2015-09-16 bis 2015-10-16 )))))))))))))))))))))))))))))) . . 2015-10-16 11:43 . 2015-10-16 11:43 -------- d-----w- c:\users\Public\AppData\Local\temp 2015-10-16 11:43 . 2015-10-16 11:43 -------- d-----w- c:\users\Default\AppData\Local\temp 2015-10-02 16:11 . 2015-10-02 16:11 -------- d-----w- c:\users\******\TeXworks 2015-09-29 17:50 . 2015-09-29 17:50 -------- d-----w- c:\program files\TeXnicCenter 2015-09-29 17:08 . 
2015-09-29 17:08 -------- d-----w- c:\users\******\AppData\Roaming\MiKTeX 2015-09-29 17:08 . 2015-09-29 17:08 -------- d-----w- c:\programdata\MiKTeX 2015-09-29 17:08 . 2015-09-29 17:08 -------- d-----w- c:\users\******\AppData\Local\MiKTeX 2015-09-29 17:07 . 2015-09-29 17:07 -------- d-----w- c:\program files (x86)\MiKTeX 2.9 2015-09-29 09:09 . 2015-09-29 09:09 -------- d-----w- C:\texlive 2015-09-27 14:16 . 2015-09-27 14:16 -------- d-----w- c:\program files (x86)\JabRef 2015-09-27 13:51 . 2015-07-30 13:13 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll 2015-09-27 13:51 . 2015-07-30 13:13 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-09-27 13:32 . 2015-09-16 03:43 11062400 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{77E67AEE-D1C5-4739-A382-CC34E6D14004}\mpengine.dll 2015-09-27 13:28 . 2015-07-16 19:12 856064 ----a-w- c:\windows\SysWow64\rdvidcrl.dll 2015-09-27 13:23 . 2015-08-26 18:07 98304 ----a-w- c:\windows\system32\wudriver.dll . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-10-14 16:15 . 2013-12-14 15:24 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2015-10-14 16:15 . 2013-12-14 15:24 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2015-09-26 12:37 . 2015-06-08 17:43 41352 ----a-w- c:\windows\system32\drivers\klpd.sys 2015-09-10 12:52 . 2014-08-04 07:15 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2015-09-10 12:52 . 2014-08-04 07:15 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2015-08-26 16:37 . 2013-06-27 07:26 134753440 ----a-w- c:\windows\system32\MRT.exe 2015-07-22 17:53 . 2015-09-27 13:29 44032 ----a-w- c:\windows\apppatch\acwow64.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2015-10-01 23:08 194824 ----a-w- c:\users\******\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2015-10-01 23:08 194824 ----a-w- c:\users\******\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2015-10-01 23:08 194824 ----a-w- c:\users\******\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="c:\users\******\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-05-12 2022968] "Advanced SystemCare 8"="c:\program files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" [2015-04-08 2429728] "Dropbox Update"="c:\users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe" [2015-06-17 134512] "hola"="c:\users\******\AppData\Local\Hola\local\app\hola.exe" [2015-09-10 2032256] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-07-18 292088] "IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2013-05-30 132920] "Intel AppUp(SM) center"="c:\program files (x86)\Intel\IntelAppStore\bin\ismagent.exe" [2013-06-19 156000] "Lenovo Registration"="c:\program files (x86)\Lenovo Registration\LenovoReg.exe" [2011-07-13 4351712] "Lenovo App Shop"="c:\program files (x86)\Intel\IntelAppStore\bin\ismagent.exe" [2013-06-19 156000] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184] "Integrated Camera_Monitor"="c:\program files (x86)\Integrated Camera\monitor.exe" [2013-12-10 1719456] "Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2012-08-31 508656] . c:\users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-5-5 36710768] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\******Pad\Bluetooth Software\BTTray.exe [2013-5-14 1395416] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "DisableCAD"= 1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ scecli c:\program files\******Vantage Fingerprint Software\psqlpwd.dll c:\program files\******Pad\Bluetooth Software\BtwProximityCP.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc] @="" . 
R2 CAMService;CAM Service;c:\program files\Intel\CAM\bin\CAMService.exe;c:\program files\Intel\CAM\bin\CAMService.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 HyperW7Svc;HyperW7 Service;c:\program files\Lenovo\RapidBoot\HyperW7Svc64.exe;c:\program files\Lenovo\RapidBoot\HyperW7Svc64.exe [x] R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x] R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x] R2 QuickControlMasterSvc;Lenovo QuickControl Master Service;c:\program files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe;c:\program files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R2 smihlp2;SMI Helper Driver (smihlp2);c:\program files\******Vantage Fingerprint Software\smihlp.sys;c:\program files\******Vantage Fingerprint Software\smihlp.sys [x] R3 ALSysIO;ALSysIO;c:\users\******\AppData\Local\Temp\ALSysIO64.sys;c:\users\******\AppData\Local\Temp\ALSysIO64.sys [x] R3 cpuz137;cpuz137;c:\users\******\AppData\Local\Temp\cpuz137\cpuz137_x64.sys;c:\users\******\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [x] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x] R3 DozeSvc;Lenovo Doze Mode Service;c:\program files (x86)\******Pad\Utilities\DZSVC64.EXE;c:\program files (x86)\******Pad\Utilities\DZSVC64.EXE [x] R3 e.dentifier2;SmartCard Reader ABN AMRO 
e.dentifier2;c:\windows\system32\DRIVERS\aabed2.sys;c:\windows\SYSNATIVE\DRIVERS\aabed2.sys [x] R3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys;c:\windows\SYSNATIVE\drivers\gfiark.sys [x] R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x] R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x] R3 LenLan;Lenovo USB 2.0 Ethernet Adapter;c:\windows\system32\DRIVERS\LenLan.sys;c:\windows\SYSNATIVE\DRIVERS\LenLan.sys [x] R3 LSCWinService;LSCWinService;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [x] R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x] R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files (x86)\******Pad\Utilities\PWMDBSVC.EXE;c:\program files (x86)\******Pad\Utilities\PWMDBSVC.EXE [x] R3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files (x86)\******Pad\Utilities\PWMEWSVC.EXE;c:\program files (x86)\******Pad\Utilities\PWMEWSVC.EXE [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys 
[x] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 usbrndis6;USB-RNDIS6-Adapter;c:\windows\system32\DRIVERS\usb80236.sys;c:\windows\SYSNATIVE\DRIVERS\usb80236.sys [x] R3 vssbrigde64;vssbrigde64;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [x] R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] S0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak);c:\windows\system32\DRIVERS\cm_km.sys;c:\windows\SYSNATIVE\DRIVERS\cm_km.sys [x] S0 DzHDD64;DzHDD64;c:\windows\System32\DRIVERS\DzHDD64.sys;c:\windows\SYSNATIVE\DRIVERS\DzHDD64.sys [x] S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys;c:\windows\SYSNATIVE\drivers\gfibto.sys [x] S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x] S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x] S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x] S0 klbackupdisk;Kaspersky Lab klbackupdisk;c:\windows\system32\DRIVERS\klbackupdisk.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupdisk.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\drivers\PxHlpa64.sys [x] S1 HWiNFO32;HWiNFO32/64 Kernel 
Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x] S1 klbackupflt;Kaspersky Lab klbackupflt;c:\windows\system32\DRIVERS\klbackupflt.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupflt.sys [x] S1 klhk;Kaspersky Lab service driver;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x] S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x] S1 klpd;Kaspersky Lab format recognizer driver;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x] S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x] S1 Klwtp;Klwtp;c:\windows\system32\DRIVERS\klwtp.sys;c:\windows\SYSNATIVE\DRIVERS\klwtp.sys [x] S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x] S1 PHCORE;PHCORE;c:\program files\Lenovo\RapidBoot\PHCORE64.SYS;c:\program files\Lenovo\RapidBoot\PHCORE64.SYS [x] S2 AdobeActiveFileMonitor12.0;Adobe Active File Monitor V12;c:\program files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [x] S2 AdvancedSystemCareService8;Advanced SystemCare Service 8;c:\program files (x86)\IObit\Advanced SystemCare 8\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [x] S2 AVP16.0.0;Kaspersky Anti-Virus Service 16.0.0;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [x] S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x] S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x] S2 jhi_service;Intel(R) Dynamic Application 
Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x] S2 kldisk;kldisk;c:\windows\system32\DRIVERS\kldisk.sys;c:\windows\SYSNATIVE\DRIVERS\kldisk.sys [x] S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [x] S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [x] S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [x] S2 LENOVO.TVTVCAM;******Vantage Virtual Camera Controller;c:\program files\Lenovo\Communications Utility\vcamsvc.exe;c:\program files\Lenovo\Communications Utility\vcamsvc.exe [x] S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [x] S2 lnvDiscoveryWinSvc;lnvDiscoveryWinSvc;c:\program files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe;c:\program files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [x] S2 NitroDriverReadSpool2;NitroPDFDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe;c:\program files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [x] S2 risdxc;risdxc;c:\windows\system32\DRIVERS\risdxc64.sys;c:\windows\SYSNATIVE\DRIVERS\risdxc64.sys [x] S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [x] S2 TPHKSVC;Anzeige am Bildschirm;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [x] S2 VIPAppService;VIPAppService;c:\program files (x86)\Symantec\VIP Access Client\VIPAppService.exe;c:\program files (x86)\Symantec\VIP 
Access Client\VIPAppService.exe [x] S2 WMCoreService;Mobile Broadband Service;c:\program files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe servicemode;c:\program files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe servicemode [x] S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x] S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x] S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x] S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x] S3 ecnssndis; Mobile Broadband Driver;c:\windows\system32\Drivers\wwuss64.sys;c:\windows\SYSNATIVE\Drivers\wwuss64.sys [x] S3 ecnssndisfltr; Mobile Broadband Driver Filter;c:\windows\system32\Drivers\wwussf64.sys;c:\windows\SYSNATIVE\Drivers\wwussf64.sys [x] S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x] S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x] S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x] S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x] S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x] S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x] S3 klmouflt;Kaspersky Lab 
KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x] S3 l36wgps; Mobile Broadband GPS Port;c:\windows\system32\DRIVERS\l36wgps64.sys;c:\windows\SYSNATIVE\DRIVERS\l36wgps64.sys [x] S3 l36wscard; Mobile Broadband USIM Port;c:\windows\system32\DRIVERS\l36wscard.sys;c:\windows\SYSNATIVE\DRIVERS\l36wscard.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] S3 Mbm3CBus;H5321 gw Mobile Broadband Device (WDM);c:\windows\system32\DRIVERS\Mbm3CBus.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3CBus.sys [x] S3 Mbm3DevMt; Mobile Broadband Device Management Driver (WDM);c:\windows\system32\DRIVERS\Mbm3DevMt.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3DevMt.sys [x] S3 Mbm3mdfl; Mobile Broadband Modem Port Filter;c:\windows\system32\DRIVERS\Mbm3mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3mdfl.sys [x] S3 Mbm3Mdm; Mobile Broadband Modem Port Driver;c:\windows\system32\DRIVERS\Mbm3Mdm.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3Mdm.sys [x] S3 QuickControlService;Lenovo QuickControl Service;c:\program files (x86)\Lenovo\QuickControl\QuickControlService.exe;c:\program files (x86)\Lenovo\QuickControl\QuickControlService.exe [x] S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x] S3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\Drivers\SPUVCbv_x64.sys;c:\windows\SYSNATIVE\Drivers\SPUVCbv_x64.sys [x] S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys;c:\windows\SYSNATIVE\DRIVERS\Tvti2c.sys [x] S3 tvtvcamd;Camera Plus (VGA Resolution Maximum);c:\windows\system32\DRIVERS\tvtvcamd.sys;c:\windows\SYSNATIVE\DRIVERS\tvtvcamd.sys [x] S3 WwanUsbServ;Mobile Broadband Driver;c:\windows\system32\DRIVERS\WwanUsbMp64.sys;c:\windows\SYSNATIVE\DRIVERS\WwanUsbMp64.sys [x] . . Inhalt des "geplante Tasks" Ordners . 
2015-10-16 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-14 16:15] . 2015-10-15 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core.job - c:\users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17 14:27] . 2015-10-16 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA.job - c:\users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17 14:27] . 2015-10-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-04 15:45] . 2015-10-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-04 15:45] . 2015-10-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core.job - c:\users\******\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-06 10:22] . 2015-10-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA.job - c:\users\******\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-06 10:22] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}] 2015-04-23 16:48 2471744 ----a-w- c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-09-13 13653208] "RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2013-08-30 1321688] "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-11-28 165872] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-11-28 407536] "Persistence"="c:\windows\system32\igfxpers.exe" [2013-11-28 444400] "AcWin7Hlpr"="c:\program files (x86)\Lenovo\Access Connections\AcTBenabler.exe" [2015-06-08 63728] . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://www.google.de/ uLocal Page = c:\windows\system32\blank.htm mStart Page = about:blank mLocal Page = c:\windows\SysWOW64\blank.htm IE: An OneNote s&enden - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105 IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000 Trusted Zone: hola.org TCP: DhcpNameServer = 62.179.104.196 213.46.228.196 192.168.192.1 DPF: {538793D5-659C-4639-A56C-A179AD87ED44} - hxxps://solisvpn.******/CACHE/stc/20/binaries/vpnweb.cab FF - ProfilePath - c:\users\******\AppData\Roaming\Mozilla\Firefox\Profiles\n12tz17e.default-1421155951383\ FF - user.js: network.http.pipelining.maxrequests - 8 FF - user.js: network.http.request.max-start-delay - 0 FF - user.js: network.http.max-connections - 48 FF - user.js: network.http.max-connections-per-server - 16 FF - user.js: network.http.max-persistent-connections-per-proxy - 16 FF - user.js: network.http.max-persistent-connections-per-server - 8 FF - user.js: browser.turbo.enabled - true FF - user.js: browser.display.show_image_placeholders - true FF - user.js: browser.chrome.favicons - false FF - user.js: browser.urlbar.autocomplete.enabled - true FF - user.js: browser.cache.memory.capacity - 65536 FF - user.js: content.notify.ontimer - true FF - user.js: content.interrupt.parsing - true FF - user.js: 
content.max.tokenizing.time - 2250000 FF - user.js: content.switch.threshold - 750000 FF - user.js: plugin.expose_full_path - true FF - user.js: ui.submenuDelay - 0 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Toolbar-Locked - (no file) ShellIconOverlayIdentifiers-{3CEC3E6D-ECF2-4B49-8A41-3B16DF8B9C3F} - (no file) ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} - (no file) ShellIconOverlayIdentifiers-{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} - (no file) ShellIconOverlayIdentifiers-{A759AFF6-5851-457D-A540-F4ECED148351} - (no file) ShellIconOverlayIdentifiers-{1574C9EF-7D58-488F-B358-8B78C1538F51} - (no file) . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_207_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_207_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_207_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_207_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_207.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.19" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_207.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_207.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_207.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe c:\program files (x86)\Lenovo\Access Connections\AcSvc.exe c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe c:\program files (x86)\Lenovo\QuickControl\QuickControl.exe c:\program files (x86)\IObit\Advanced SystemCare 8\Monitor.exe c:\progra~1\Lenovo\HOTKEY\TPONSCR.EXE c:\program files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe c:\program files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe c:\program files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe c:\program files\Lenovo\Lenovo Solution Center\LSCNotify.exe c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe . 
************************************************************************** . Zeit der Fertigstellung: 2015-10-16 14:05:16 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2015-10-16 12:05 ComboFix2.txt 2014-09-15 23:47 . Vor Suchlauf: 27 Verzeichnis(se), 38.953.824.256 Bytes frei Nach Suchlauf: 29 Verzeichnis(se), 38.684.762.112 Bytes frei . - - End Of File - - 87742EF97E0FD0438540CFB1FB7C67A4 B78F010C2F6E54FC3F947B22CE0352FC |
17.10.2015, 11:28 | #11 |
/// the machine /// TB trainer | Suspicious behaviour on Win7 PC, slow, and an unambiguous text message Nope, not yet. There is malware, but whether that is the cause is unclear. Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
17.10.2015, 15:53 | #12 |
| Suspicious behaviour on Win7 PC, slow, and an unambiguous text message So, here we have a lot of logs... Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 17.10.2015
Scan Time: 15:06
Logfile: mwbytes.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2015.10.17.03
Rootkit Database: v2015.10.16.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: ******

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 359287
Time Elapsed: 8 min, 13 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)
Code:
ATTFilter # AdwCleaner v5.013 - Bericht erstellt am 17/10/2015 um 15:32:35 # Aktualisiert am 09/10/2015 von Xplode # Datenbank : 2015-10-16.1 [Server] # Betriebssystem : Windows 7 Professional Service Pack 1 (x64) # Benutzername : ***** - ***** # Gestartet von : C:\Users\*****\Desktop\AdwCleaner_5.013.exe # Option : Löschen # Unterstützung : hxxp://toolslib.net/forum ***** [ Dienste ] ***** ***** [ Ordner ] ***** [-] Ordner Gelöscht : C:\Users\*****\AppData\Local\Hola [-] Ordner Gelöscht : C:\Users\*****\AppData\Roaming\Hola ***** [ Dateien ] ***** [-] Datei Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\n12tz17e.default-1421155951383\user.js ***** [ DLLs ] ***** ***** [ Verknüpfungen ] ***** ***** [ Geplante Tasks ] ***** ***** [ Registrierungsdatenbank ] ***** [-] Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [hola] [-] Schlüssel Gelöscht : HKCU\Software\MozillaPlugins\@hola.org/FlashPlayer [-] Schlüssel Gelöscht : HKCU\Software\MozillaPlugins\@hola.org/vlc [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} [-] Schlüssel Gelöscht : HKCU\Software\Hola 
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Hola [!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Hola ***** [ Internetbrowser ] ***** ************************* :: Proxy Einstellungen zurückgesetzt :: Winsock Einstellungen zurückgesetzt :: Internet Explorer Richtlinien gelöscht :: Chrome Richtlinien gelöscht ########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [2406 Bytes] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 7.6.4 (09.28.2015:1) OS: Windows 7 Professional x64 Ran by ****** on 17.10.2015 at 15:36:25,59 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Tasks Successfully deleted: [Task] C:\Windows\system32\tasks\Driver Booster Scan Successfully deleted: [Task] C:\Windows\system32\tasks\Driver Booster SkipUAC (******) Successfully deleted: [Task] C:\Windows\system32\tasks\Driver Booster Update Successfully deleted: [Task] C:\Windows\system32\tasks\Uninstaller_SkipUac_****** ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer ~~~ Files ~~~ Folders Successfully deleted: [Folder] C:\Program Files (x86)\iobit\driver booster Successfully deleted: [Folder] C:\ProgramData\iobit\driver booster Successfully deleted: [Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\driver booster 2 Successfully deleted: [Folder] C:\ProgramData\productdata Successfully deleted: [Folder] C:\Users\******\AppData\Roaming\iobit\driver booster Successfully deleted: [Folder] C:\Users\******\AppData\Roaming\productdata ~~~ FireFox Successfully deleted: [Folder] C:\Users\******\AppData\Roaming\mozilla\firefox\profiles\n12tz17e.default-1421155951383\extensions\iobitascsurfingprotection@iobit.com Successfully deleted the following from C:\Users\******\AppData\Roaming\mozilla\firefox\profiles\n12tz17e.default-1421155951383\prefs.js user_pref(extensions.xpiState, {\app-profile\:{\iobitascsurfingprotection@iobit.com\:{\d\:\C:\\\\Users\\\\******\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profi ~~~ Chrome [C:\Users\******\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset [C:\Users\******\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted: [C:\Users\******\Appdata\Local\Google\Chrome\User 
Data\Default\Secure Preferences] - default search provider reset [C:\Users\******\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 17.10.2015 at 15:41:45,39 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-10-2015 durchgeführt von ******* (Administrator) auf ******* (17-10-2015 16:44:42) Gestartet von C:\Users\*******\Downloads Geladene Profile: ******* (Verfügbare Profile: *******) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe (Broadcom Corporation.) 
C:\Program Files\*******Pad\Bluetooth Software\btwdins.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe (Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe (Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe (Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe (Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe (Farbar) C:\Users\*******\Downloads\FRST64(6).exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-13] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2014-07-28] (Synaptics Incorporated) HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63728 2015-06-08] (Lenovo) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-07-18] (Intel Corporation) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [132920 2013-05-30] (Intel Corporation) HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-06-19] (Intel Corporation) HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.) HKLM-x32\...\Run: [Lenovo App Shop] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-06-19] (Intel Corporation) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1719456 2013-12-10] (SunplusIT, Inc.) HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\psfus: C:\Program Files\*******Vantage Fingerprint Software\psqlpwd.dll (Authentec Inc.) 
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [Spotify Web Helper] => C:\Users\*******\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2022968 2015-05-12] (Spotify Ltd) HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit) HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [Dropbox Update] => C:\Users\*******\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.) Lsa: [Notification Packages] scecli C:\Program Files\*******Vantage Fingerprint Software\psqlpwd.dll C:\Program Files\*******Pad\Bluetooth Software\BtwProximityCP.dll ShellIconOverlayIdentifiers: [CeDesktopIntegration] -> {3CEC3E6D-ECF2-4B49-8A41-3B16DF8B9C3F} => Keine Datei ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => Keine Datei ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => Keine Datei ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => Keine Datei ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => Keine Datei ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*******\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll Keine Datei ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*******\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll Keine Datei ShellIconOverlayIdentifiers-x32: 
[DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*******\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll Keine Datei Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-06-05] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\*******Pad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\Users\*******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-06-26] ShortcutTarget: Dropbox.lnk -> C:\Users\*******\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 62.179.104.196 213.46.228.196 192.168.192.1 Tcpip\..\Interfaces\{377520F3-E7C7-403B-997E-42BDEC38E4BC}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{6E5C7DA5-A581-4A8E-B3A9-7B58FA045ADB}: [DhcpNameServer] 192.168.16.2 141.211.32.6 Tcpip\..\Interfaces\{8A21F8CE-5324-4563-A4A5-D47CF1CBA83B}: [DhcpNameServer] 172.168.111.2 Tcpip\..\Interfaces\{B524442D-7D83-4ED0-A93C-096812422175}: [DhcpNameServer] 62.179.104.196 213.46.228.196 192.168.192.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\Software\Microsoft\Internet 
Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/*******pad SearchScopes: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000 -> {417735E5-3C9D-89A4-A0EC-2BA9A2D311CA} URL = SearchScopes: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2012-04-19] (Symantec Corporation) BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-17] (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) 
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2012-04-19] (Symantec Corporation) BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-17] (Oracle Corporation) Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab) Toolbar: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_IKEA_Win32.cab DPF: HKLM-x32 {538793D5-659C-4639-A56C-A179AD87ED44} hxxps://*******vpn.*******/CACHE/stc/20/binaries/vpnweb.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\*******\AppData\Roaming\Mozilla\Firefox\Profiles\n12tz17e.default-1421155951383 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-16] () FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF 
Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @ABNAMRO/BECON,version=1.00 -> C:\Program Files (x86)\ABN AMRO e.dentifier2\Mozilla\npBECON.dll [2011-07-07] (ABN AMRO) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-16] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-13] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-13] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-17] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-17] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo 
Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll [2012-05-23] ( ) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @hola.org/FlashPlayer -> C:\Users\*******\AppData\Local\Hola\firefox\app\flash\NPSWF32_18_0_0_232.dll [2015-10-17] () FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @hola.org/vlc -> C:\Users\*******\AppData\Local\Hola\firefox\app\vlc\npvlc.dll [2015-10-17] (Hola) FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\*******\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1312180-0-npoctoshape.dll [2013-12-18] (Octoshape ApS) FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\*******\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google) FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @talk.google.com/O1DPlugin -> C:\Users\*******\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google) FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @tools.google.com/Google Update;version=3 -> C:\Users\*******\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @tools.google.com/Google Update;version=9 -> C:\Users\*******\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) 
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: google.com/WidevineMediaOptimizer -> C:\Users\*******\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll [2014-06-09] (Google Inc.) FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [2013-06-19] (Intel) FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [2013-06-19] (Intel) FF user.js: detected! => C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1480473739-3576749651-3455334848-1000\FireFox\user.js [2015-04-23] FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-27] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\*******\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\*******\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\*******\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2014-05-15] (Octoshape ApS) FF Extension: Hola Better Internet - C:\Users\*******\AppData\Roaming\Mozilla\Firefox\Profiles\n12tz17e.default-1421155951383\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2015-10-14] [ist nicht signiert] FF Extension: Zotero - C:\Users\*******\AppData\Roaming\Mozilla\Firefox\Profiles\n12tz17e.default-1421155951383\Extensions\zotero@chnm.gmu.edu.xpi [2015-03-07] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2013-06-05] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => nicht gefunden FF HKLM-x32\...\Firefox\Extensions: 
[light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-09-10] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [VIP4X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client Chrome: ======= CHR Profile: C:\Users\*******\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Kaspersky URL Advisor) - C:\Users\*******\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-07-27] CHR Extension: (Safe Money) - C:\Users\*******\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2013-07-27] CHR Extension: (Virtual Keyboard) - C:\Users\*******\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-07-27] CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\*******\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp [2013-07-26] CHR Extension: (Anti-Banner) - C:\Users\*******\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2013-07-27] CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
S2 AdobeActiveFileMonitor12.0; C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated) S2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [821024 2015-08-05] (IObit) R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-09-10] (Kaspersky Lab ZAO) S2 CAMService; C:\Program Files\Intel\CAM\bin\CAMService.exe [1243344 2014-09-03] (Intel® Corporation) S3 DozeSvc; C:\Program Files (x86)\*******Pad\Utilities\DZSVC64.EXE [320576 2013-06-26] (Lenovo.) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation) S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-05-30] (Intel Corporation) S2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [179568 2012-06-01] (Lenovo Group Limited) S2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [115184 2014-07-08] (Lenovo Group Limited) S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-17] (IObit) S2 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [20984 2013-10-18] (Lenovo) S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272424 2015-08-17] (Lenovo) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-10-29] () S2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 
2012-05-23] (Nitro PDF Software) S2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [59440 2013-12-16] (Lenovo Group Limited) S3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [319024 2013-12-16] (Lenovo Group Limited) S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22008 2015-09-10] () S2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-19] (Symantec Corporation) S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [689560 2012-10-18] (Ericsson AB) S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3818704 2014-10-29] (Intel® Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170200 2013-03-27] (Broadcom Corporation.) 
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 e.dentifier2; C:\Windows\System32\DRIVERS\aabed2.sys [28672 2008-03-20] (Todos Data System AB)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [39504 2013-04-11] (ThreatTrack Security)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-08-31] (GFI Software)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-06-04] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-16] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [171192 2015-06-30] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-07-04] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [931000 2015-06-30] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-09-26] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [103184 2012-03-01] (Ericsson AB)
R3 l36wscard; C:\Windows\System32\DRIVERS\l36wscard.sys [61992 2011-01-14] (Ericsson AB)
S3 LenLan; C:\Windows\System32\DRIVERS\LenLan.sys [98816 2012-05-29] (Lenovo Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [443208 2012-10-02] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [453960 2012-10-02] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [21832 2012-10-02] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [506184 2012-10-02] (MCCI Corporation)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1514144 2013-12-10] (Sunplus)
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2012-12-05] (Seiko Epson Corporation)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)
R3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-07] (*******Vantage Communications Utility)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-12-13] (Cisco Systems, Inc.)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [281840 2013-02-19] (Ericsson AB)
S3 ALSysIO; \??\C:\Users\*******\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz137; \??\C:\Users\*******\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S2 smihlp2; \??\C:\Program Files\*******Vantage Fingerprint Software\smihlp.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-17 16:44 - 2015-10-17 16:44 - 02196992 _____ (Farbar) C:\Users\*******\Downloads\FRST64(6).exe
2015-10-17 15:41 - 2015-10-17 16:40 - 00002458 _____ C:\Users\*******\Desktop\JRT.txt
2015-10-17 15:36 - 2015-10-05 23:26 - 01801288 _____ (Malwarebytes) C:\Users\*******\Desktop\JRT.exe
2015-10-17 15:35 - 2015-10-17 15:35 - 01798976 _____ (Malwarebytes) C:\Users\*******\Desktop\JRT(2).exe
2015-10-17 15:35 - 2015-10-17 15:35 - 00000000 ____D C:\Users\*******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-17 15:34 - 2015-10-17 16:41 - 00002492 _____ C:\Users\*******\Desktop\AdwCleaner[C3].txt
2015-10-17 15:34 - 2015-10-17 15:34 - 00000000 ____D C:\Users\*******\AppData\Local\Hola
2015-10-17 15:27 - 2015-10-17 15:27 - 01682432 _____ C:\Users\*******\Desktop\AdwCleaner_5.013.exe
2015-10-17 15:26 - 2015-10-17 16:41 - 00001052 _____ C:\Users\*******\Desktop\mwbytes.txt
2015-10-17 00:36 - 2015-10-17 11:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-16 19:01 - 2015-10-16 19:01 - 00000135 _____ C:\Windows\SysWOW64\debug.log
2015-10-16 14:11 - 2015-10-16 14:11 - 00061325 _____ C:\Users\*******\Desktop\ComboFix_edited.txt
2015-10-16 14:05 - 2015-10-16 14:05 - 00061325 _____ C:\ComboFix.txt
2015-10-16 13:14 - 2015-10-16 13:14 - 05636101 ____R (Swearware) C:\Users\*******\Desktop\ComboFix.exe
2015-10-02 18:11 - 2015-10-02 18:11 - 21777663 _____ C:\Users\*******\Downloads\TeXworks-w32-0.4.6-20150403-git_c29723a.zip
2015-10-02 18:11 - 2015-10-02 18:11 - 00000000 ____D C:\Users\*******\TeXworks
2015-10-02 18:11 - 2015-10-02 18:11 - 00000000 ____D C:\Users\*******\Downloads\TeXworks-w32-0.4.6-20150403-git_c29723a
2015-09-29 19:50 - 2015-10-01 00:11 - 00001131 _____ C:\Users\*******\Desktop\TeXnicCenter.lnk
2015-09-29 19:50 - 2015-09-29 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeXnicCenter
2015-09-29 19:50 - 2015-09-29 19:50 - 00000000 ____D C:\Program Files\TeXnicCenter
2015-09-29 19:48 - 2015-09-29 19:49 - 12631003 _____ (The TeXnicCenter Team ) C:\Users\*******\Downloads\TXCSetup_2.02Stable_x64.exe
2015-09-29 19:09 - 2015-09-29 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9
2015-09-29 19:08 - 2015-09-29 19:08 - 00000000 ____D C:\Users\*******\AppData\Roaming\MiKTeX
2015-09-29 19:08 - 2015-09-29 19:08 - 00000000 ____D C:\Users\*******\AppData\Local\MiKTeX
2015-09-29 19:08 - 2015-09-29 19:08 - 00000000 ____D C:\ProgramData\MiKTeX
2015-09-29 19:07 - 2015-09-29 19:07 - 00000000 ____D C:\Program Files (x86)\MiKTeX 2.9
2015-09-29 19:05 - 2015-09-29 19:05 - 178712840 _____ (MiKTeX.org) C:\Users\*******\Downloads\basic-miktex-2.9.5721.exe
2015-09-29 19:03 - 2015-09-29 19:03 - 188503304 _____ (MiKTeX.org) C:\Users\*******\Downloads\basic-miktex-2.9.5721-x64.exe
2015-09-29 18:52 - 2015-09-29 18:52 - 16833468 _____ C:\Users\*******\Downloads\biber-MSWIN.zip
2015-09-29 18:52 - 2015-09-29 18:52 - 00000000 ____D C:\Users\*******\Downloads\biber-MSWIN
2015-09-29 17:59 - 2015-09-29 17:59 - 00001691 _____ C:\Users\*******\X.log
2015-09-29 11:12 - 2015-09-29 11:12 - 00622299 _____ C:\Users\*******\Downloads\apa6(1).zip
2015-09-29 11:09 - 2015-09-29 11:09 - 00000000 ____D
C:\texlive 2015-09-29 11:08 - 2015-09-29 11:08 - 13285427 _____ C:\Users\*******\Downloads\install-tl-windows.exe 2015-09-27 16:57 - 2015-09-27 16:57 - 00000000 ____D C:\Users\*******\Downloads\apa6 2015-09-27 16:55 - 2015-09-27 16:55 - 00622299 _____ C:\Users\*******\Downloads\apa6.zip 2015-09-27 16:16 - 2015-09-27 16:16 - 00001864 _____ C:\Users\Public\Desktop\JabRef 2.10.lnk 2015-09-27 16:16 - 2015-09-27 16:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JabRef 2015-09-27 16:16 - 2015-09-27 16:16 - 00000000 ____D C:\Program Files (x86)\JabRef 2015-09-27 16:15 - 2015-09-27 16:15 - 14253375 _____ (JabRef Team) C:\Users\*******\Downloads\JabRef-2.10-setup.exe 2015-09-27 15:51 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-09-27 15:51 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-09-27 15:29 - 2015-08-18 03:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-09-27 15:29 - 2015-08-18 03:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-09-27 15:29 - 2015-08-15 08:48 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-09-27 15:29 - 2015-08-15 08:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-09-27 15:29 - 2015-08-15 08:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-09-27 15:29 - 2015-08-15 08:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-09-27 15:29 - 2015-08-15 08:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-09-27 15:29 - 2015-08-15 08:17 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-09-27 15:29 - 2015-08-15 08:17 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-09-27 15:29 - 
2015-08-15 08:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-09-27 15:29 - 2015-08-15 08:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-09-27 15:29 - 2015-08-15 08:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-09-27 15:29 - 2015-08-15 08:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-09-27 15:29 - 2015-08-15 08:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-09-27 15:29 - 2015-08-15 08:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-09-27 15:29 - 2015-08-15 08:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-09-27 15:29 - 2015-08-15 08:04 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-09-27 15:29 - 2015-08-15 08:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-09-27 15:29 - 2015-08-15 08:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-09-27 15:29 - 2015-08-15 08:00 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-09-27 15:29 - 2015-08-15 07:57 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-09-27 15:29 - 2015-08-15 07:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-09-27 15:29 - 2015-08-15 07:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-09-27 15:29 - 2015-08-15 07:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-09-27 15:29 - 2015-08-15 07:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-09-27 15:29 - 2015-08-15 07:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-09-27 15:29 - 2015-08-15 07:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-09-27 
15:29 - 2015-08-15 07:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-09-27 15:29 - 2015-08-15 07:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-09-27 15:29 - 2015-08-15 07:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-09-27 15:29 - 2015-08-15 07:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-09-27 15:29 - 2015-08-15 07:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-09-27 15:29 - 2015-08-15 07:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-09-27 15:29 - 2015-08-15 07:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-09-27 15:29 - 2015-08-15 07:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-09-27 15:29 - 2015-08-15 07:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-09-27 15:29 - 2015-08-15 07:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-09-27 15:29 - 2015-08-15 07:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-09-27 15:29 - 2015-08-15 07:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-09-27 15:29 - 2015-08-15 07:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-09-27 15:29 - 2015-08-15 07:23 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-09-27 15:29 - 2015-08-15 07:22 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-09-27 15:29 - 2015-08-15 07:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-09-27 15:29 - 2015-08-15 07:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-09-27 15:29 - 2015-08-15 07:16 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-09-27 15:29 - 2015-08-15 
07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-09-27 15:29 - 2015-08-15 07:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-09-27 15:29 - 2015-08-15 07:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-09-27 15:29 - 2015-08-15 07:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-09-27 15:29 - 2015-08-15 07:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-09-27 15:29 - 2015-08-15 07:07 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-09-27 15:29 - 2015-08-15 07:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-09-27 15:29 - 2015-08-15 07:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-09-27 15:29 - 2015-08-15 07:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-09-27 15:29 - 2015-08-15 07:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-09-27 15:29 - 2015-08-15 06:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-09-27 15:29 - 2015-08-15 06:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-09-27 15:29 - 2015-08-15 06:43 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-09-27 15:29 - 2015-08-15 06:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-09-27 15:29 - 2015-08-15 06:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-09-27 15:29 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2015-09-27 15:29 - 2015-08-05 19:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2015-09-27 15:29 - 2015-08-05 19:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2015-09-27 15:29 - 2015-08-05 19:40 - 
00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2015-09-27 15:29 - 2015-08-04 20:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-09-27 15:29 - 2015-08-04 20:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-09-27 15:29 - 2015-08-04 19:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2015-09-27 15:29 - 2015-08-04 19:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2015-09-27 15:29 - 2015-08-04 19:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2015-09-27 15:29 - 2015-08-04 19:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2015-09-27 15:29 - 2015-08-04 19:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2015-09-27 15:29 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2015-09-27 15:29 - 2015-08-04 18:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2015-09-27 15:29 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2015-09-27 15:29 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-09-27 15:29 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-09-27 15:29 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2015-09-27 15:29 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-09-27 15:29 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-09-27 15:29 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-09-27 15:29 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-09-27 15:29 - 
2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-09-27 15:29 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-09-27 15:29 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-09-27 15:29 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-09-27 15:29 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-09-27 15:29 - 2015-07-23 02:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-09-27 15:29 - 2015-07-23 02:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-09-27 15:29 - 2015-07-23 02:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-09-27 15:29 - 2015-07-23 02:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-09-27 15:29 - 2015-07-23 02:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-09-27 15:29 - 2015-07-23 02:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-09-27 15:29 - 2015-07-23 02:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-09-27 15:29 - 2015-07-23 02:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 
00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-09-27 15:29 - 2015-07-23 02:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-09-27 15:29 - 2015-07-23 02:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-09-27 15:29 - 2015-07-23 02:02 - 00016384 _____ (Microsoft Corporation) 
C:\Windows\system32\ntvdm64.dll 2015-09-27 15:29 - 2015-07-23 02:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-09-27 15:29 - 2015-07-23 02:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-09-27 15:29 - 2015-07-23 02:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-09-27 15:29 - 2015-07-23 01:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-09-27 15:29 - 2015-07-23 01:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-09-27 15:29 - 2015-07-23 01:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-09-27 15:29 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-09-27 15:29 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-09-27 15:29 - 2015-07-22 19:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-09-27 15:29 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2015-09-27 15:29 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2015-09-27 15:29 - 2015-07-22 19:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-09-27 15:29 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-09-27 15:29 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-09-27 15:29 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-09-27 15:29 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-09-27 15:29 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-09-27 15:29 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-09-27 15:29 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2015-09-27 15:29 - 
2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-09-27 15:29 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-09-27 15:29 - 2015-07-22 19:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-09-27 15:29 - 2015-07-22 19:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-09-27 15:29 - 2015-07-22 19:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-09-27 15:29 - 2015-07-22 19:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-09-27 15:29 - 2015-07-22 19:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-09-27 15:29 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-09-27 15:29 - 2015-07-22 19:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-09-27 15:29 - 2015-07-22 19:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-09-27 15:29 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-09-27 15:29 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003072 ____H (Microsoft 
Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 18:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2015-09-27 15:29 - 2015-07-22 18:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-09-27 15:29 - 2015-07-22 18:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-09-27 15:29 - 2015-07-22 18:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-09-27 15:29 - 2015-07-22 18:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-09-27 15:29 - 2015-07-22 18:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-09-27 15:29 - 2015-07-22 18:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 18:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-09-27 15:29 - 2015-07-22 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-09-27 15:29 - 2015-07-16 21:11 - 07077376 _____ 
(Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-09-27 15:29 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-09-27 15:29 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2015-09-27 15:29 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-09-27 15:29 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2015-09-27 15:29 - 2015-06-25 12:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2015-09-27 15:29 - 2015-06-25 12:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-09-27 15:29 - 2015-06-25 12:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2015-09-27 15:29 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-09-27 15:28 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-09-27 15:28 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-09-27 15:28 - 2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-09-27 15:28 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-09-27 15:28 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-09-27 15:28 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-09-27 15:28 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-09-27 15:28 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-09-27 15:28 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-09-27 15:28 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) 
C:\Windows\system32\atmfd.dll 2015-09-27 15:28 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-09-27 15:28 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-09-27 15:28 - 2015-08-27 20:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-09-27 15:28 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2015-09-27 15:28 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-09-27 15:28 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-09-27 15:28 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-09-27 15:28 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2015-09-27 15:28 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2015-09-27 15:28 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-09-27 15:28 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2015-09-27 15:28 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2015-09-27 15:28 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2015-09-27 15:28 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2015-09-27 15:28 - 2015-07-15 05:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2015-09-27 15:28 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2015-09-27 15:28 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2015-09-27 15:28 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-09-27 
15:28 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-09-27 15:28 - 2015-07-09 19:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2015-09-27 15:28 - 2015-07-09 19:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll 2015-09-27 15:28 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2015-09-27 15:28 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2015-09-27 15:28 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll 2015-09-27 15:28 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe 2015-09-27 15:28 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll 2015-09-27 15:28 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2015-09-27 15:28 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2015-09-27 15:28 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2015-09-27 15:28 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2015-09-27 15:23 - 2015-08-26 20:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-09-27 15:23 - 2015-08-26 20:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-09-27 15:23 - 2015-08-26 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-09-27 15:23 - 2015-08-26 20:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-09-27 15:23 - 2015-08-26 20:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-09-27 15:23 - 2015-08-26 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-09-27 15:23 - 2015-08-26 20:07 - 00036864 _____ (Microsoft 
Corporation) C:\Windows\system32\wups.dll 2015-09-27 15:23 - 2015-08-26 20:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-09-27 15:23 - 2015-08-26 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-09-27 15:23 - 2015-08-26 20:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-09-27 15:23 - 2015-08-26 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-09-27 15:23 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-09-27 15:23 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-09-27 15:23 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-09-27 15:23 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-09-27 15:23 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-09-23 19:57 - 2015-10-17 15:33 - 00002232 _____ C:\Windows\PFRO.log 2015-09-23 14:30 - 2015-10-17 15:44 - 00009630 _____ C:\Windows\setupact.log 2015-09-23 14:30 - 2015-09-23 14:30 - 00000000 _____ C:\Windows\setuperr.log 2015-09-21 21:20 - 2015-09-22 20:58 - 00000000 ____D C:\Users\*******\Desktop\tse session 2015-09-21 04:43 - 2015-09-21 04:43 - 00013412 _____ C:\Users\*******\Documents\Kopie von TK100715.xlsb 2015-09-18 00:16 - 2015-09-18 00:16 - 00000005 _____ C:\Users\*******\Desktop\new 1.txt 2015-09-18 00:11 - 2015-09-18 00:15 - 00009213 _____ C:\Users\*******\Desktop\gehaltsvergleich gesis-uu.xlsx ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-10-17 16:44 - 2013-10-21 01:35 - 00028202 _____ C:\Users\*******\Downloads\FRST.txt 2015-10-17 16:44 - 2013-09-04 13:06 - 00000000 ____D C:\FRST 2015-10-17 16:40 - 2015-01-27 23:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-10-17 16:38 - 2015-06-17 16:27 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA.job 2015-10-17 16:34 - 2013-09-07 01:14 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA.job 2015-10-17 15:55 - 2013-06-05 00:40 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-10-17 15:44 - 2009-07-14 06:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-10-17 15:44 - 2009-07-14 06:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-10-17 15:40 - 2013-06-05 10:15 - 00703214 _____ C:\Windows\system32\perfh007.dat 2015-10-17 15:40 - 2013-06-05 10:15 - 00150822 _____ C:\Windows\system32\perfc007.dat 2015-10-17 15:40 - 2009-07-14 07:13 - 01629436 _____ C:\Windows\system32\PerfStringBackup.INI 2015-10-17 15:37 - 2015-04-23 18:48 - 00000000 ____D C:\Users\*******\AppData\Roaming\IObit 2015-10-17 15:37 - 2015-04-23 18:48 - 00000000 ____D C:\ProgramData\IObit 2015-10-17 15:37 - 2015-04-23 18:48 - 00000000 ____D C:\Program Files (x86)\IObit 2015-10-17 15:37 - 2013-06-05 00:40 - 01722092 _____ C:\Windows\WindowsUpdate.log 2015-10-17 15:35 - 2013-06-26 18:26 - 00000000 ___RD C:\Users\*******\Dropbox 2015-10-17 15:35 - 2013-06-26 18:15 - 00000000 ____D C:\Users\*******\AppData\Roaming\Dropbox 2015-10-17 15:34 - 2014-01-21 15:54 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2015-10-17 15:34 - 2013-06-05 00:40 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-10-17 15:33 - 2013-06-26 23:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 
2015-10-17 15:33 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-10-17 15:32 - 2013-10-18 20:02 - 00000000 ____D C:\AdwCleaner 2015-10-17 15:32 - 2013-06-26 17:59 - 00000000 ____D C:\Users\*******\AppData\Roaming\Skype 2015-10-17 14:58 - 2014-08-04 09:15 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-10-17 14:58 - 2014-08-04 09:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-10-17 14:58 - 2014-08-04 09:15 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-10-17 02:00 - 2013-06-26 18:10 - 00000000 ____D C:\Users\*******\AppData\Local\Adobe 2015-10-16 21:46 - 2015-06-17 16:27 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core.job 2015-10-16 21:40 - 2015-01-27 23:41 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-10-16 21:40 - 2013-12-14 17:24 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-10-16 21:40 - 2013-12-14 17:24 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-10-16 20:34 - 2013-09-07 01:14 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core.job 2015-10-16 19:50 - 2014-01-01 12:49 - 00000000 ____D C:\Users\*******\Documents\Outlook-Dateien 2015-10-16 19:01 - 2013-06-26 18:00 - 00000000 ____D C:\Users\*******\AppData\Roaming\Adobe 2015-10-16 17:03 - 2015-04-23 20:30 - 00000000 ____D C:\Users\*******\Documents\simulation 2015-10-16 15:47 - 2015-08-24 13:06 - 00000000 ____D C:\Text_Latex 2015-10-16 14:06 - 2014-09-13 12:35 - 00000000 ____D C:\Qoobox 2015-10-16 13:47 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini 2015-10-16 12:00 - 2013-06-05 00:44 - 00000000 ____D C:\Windows\System32\Tasks\TVT 2015-10-16 12:00 - 2013-06-05 00:38 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo 
*******Vantage Tools 2015-10-16 12:00 - 2013-06-05 00:34 - 00000000 ____D C:\Program Files (x86)\Lenovo 2015-10-16 12:00 - 2013-06-04 18:02 - 00000000 ____D C:\ProgramData\Lenovo 2015-10-16 11:29 - 2013-06-26 17:52 - 00000000 ____D C:\Users\*******\AppData\Roaming\Nitro PDF 2015-10-15 20:15 - 2013-06-26 17:51 - 00000000 ____D C:\Users\*******\AppData\LocalLow\VeriSign 2015-10-15 19:46 - 2014-11-22 15:10 - 00000000 ____D C:\ProgramData\Sonos,_Inc 2015-10-15 19:23 - 2015-01-07 18:33 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-10-15 19:23 - 2014-12-05 12:20 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-10-15 14:55 - 2013-06-27 20:37 - 00007644 _____ C:\Users\*******\AppData\Local\Resmon.ResmonCfg 2015-10-15 10:55 - 2013-08-12 13:46 - 00000000 ____D C:\Workspace R 2015-10-14 20:45 - 2015-01-14 14:15 - 00000000 ____D C:\Users\*******\Documents\Zotero Workspace 2015-10-14 13:46 - 2013-09-04 13:08 - 00085654 _____ C:\Users\*******\Downloads\Addition.txt 2015-10-12 13:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2015-10-10 17:01 - 2015-06-30 17:54 - 00000000 ____D C:\Figures_Latex 2015-10-07 14:38 - 2015-06-23 21:27 - 00002196 _____ C:\Users\Public\Desktop\Advanced SystemCare 8.lnk 2015-10-05 09:50 - 2014-08-04 09:15 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-10-05 09:50 - 2014-08-04 09:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-10-05 09:50 - 2013-10-18 16:47 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2015-10-04 19:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2015-10-04 14:20 - 2015-05-12 09:57 - 00001964 _____ C:\Users\Public\Desktop\Sonos.lnk 2015-10-04 14:20 - 2014-11-22 15:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos 2015-10-04 14:20 - 2014-11-22 15:10 - 00000000 ____D C:\Program Files (x86)\Sonos 2015-10-04 14:20 - 
2013-10-10 12:21 - 00000000 ____D C:\Users\*******\AppData\Local\Downloaded Installations 2015-10-02 18:31 - 2013-09-21 22:16 - 00000000 ____D C:\Users\*******\AppData\Roaming\texstudio 2015-10-02 18:11 - 2013-06-26 17:49 - 00000000 ____D C:\Users\******* 2015-10-01 14:18 - 2015-01-09 01:55 - 00003846 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1420761345 2015-10-01 14:18 - 2013-06-26 19:24 - 00000000 ____D C:\Program Files (x86)\Opera 2015-09-28 22:08 - 2013-06-27 09:24 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-09-28 22:08 - 2013-06-27 09:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-09-28 22:08 - 2009-07-14 06:45 - 00509784 _____ C:\Windows\system32\FNTCACHE.DAT 2015-09-28 22:07 - 2015-04-20 11:31 - 00000000 ____D C:\Windows\system32\appraiser 2015-09-28 22:07 - 2014-04-26 01:33 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-09-28 22:07 - 2011-12-08 22:43 - 00000000 ____D C:\Program Files\Windows Journal 2015-09-28 22:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-09-27 15:53 - 2013-06-26 18:09 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-09-27 15:51 - 2013-06-27 09:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-09-27 15:48 - 2013-07-15 11:32 - 00000000 ____D C:\Windows\system32\MRT 2015-09-27 15:36 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini 2015-09-26 14:37 - 2015-06-08 19:43 - 00041352 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klpd.sys ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-10-04 00:29 - 2013-10-04 00:29 - 0000000 _____ () C:\Users\*******\AppData\Roaming\AbsoluteReminder.xml 2013-10-16 21:22 - 2013-10-16 21:58 - 0000132 _____ () C:\Users\*******\AppData\Roaming\Adobe CS5-Voreinstellungen für BMP-Format 2013-08-08 01:21 - 2013-08-08 01:21 - 0000037 ___SH () C:\Users\*******\AppData\Local\70149b02515b3bb20dd492.47983420 2013-06-27 20:37 - 
2015-10-15 14:55 - 0007644 _____ () C:\Users\*******\AppData\Local\Resmon.ResmonCfg 2013-06-05 00:36 - 2013-06-05 00:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2014-07-21 10:47 - 2014-07-21 10:47 - 0000337 _____ () C:\ProgramData\hpzinstall.log 2013-06-26 17:52 - 2013-07-07 19:31 - 0000227 _____ () C:\ProgramData\LastUpdate.xml Einige Dateien in TEMP: ==================== C:\Users\*******\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbr2cqu.dll C:\Users\*******\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.624.exe C:\Users\*******\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-10-13 00:34 ==================== Ende von FRST.txt ============================ |
17.10.2015, 15:54 | #13 |
| Suspicious behavior on Win7 PC, slow and unambiguous text message Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-10-2015 durchgeführt von ******** (2015-10-17 16:45:12) Gestartet von C:\Users\********\Downloads Windows 7 Professional Service Pack 1 (X64) (2013-06-26 15:49:52) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1480473739-3576749651-3455334848-500 - Administrator - Disabled) Gast (S-1-5-21-1480473739-3576749651-3455334848-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1480473739-3576749651-3455334848-1004 - Limited - Enabled) ******** (S-1-5-21-1480473739-3576749651-3455334848-1000 - Administrator - Enabled) => C:\Users\******** ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B} AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Aangifte inkomstenbelasting 2011 (HKLM-x32\...\Aangifte inkomstenbelasting 2011) (Version: - Belastingdienst) Aangifte inkomstenbelasting 2013 (HKLM-x32\...\Aangifte inkomstenbelasting 2013) (Version: - Belastingdienst) ABN AMRO e.dentifier2 software (HKLM-x32\...\{55BF7E3E-F00A-4A3D-BB76-09228B35FFD6}) (Version: 02.00 - ABN AMRO BANK) ActivePerl 5.20.2 Build 2002 (64-bit) (HKLM\...\{C07C5E6C-2225-4668-896C-31A7D105A9BB}) (Version: 5.20.2002 - ActiveState) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated) Adobe Connect 9 Add-in (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Adobe Connect 9 Add-in) (Version: 11,9,972,8 - Adobe Systems Incorporated) Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated) Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated) Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated) Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated) Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.4.0 - IObit) Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - ) Dolby Home Theater v4 
(HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc) Driver Booster 2.3 (HKLM-x32\...\Driver Booster_is1) (Version: 2.3 - IObit) Dropbox (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.) Elements 12 Organizer (x32 Version: 12.0 - Ihr Firmenname) Hidden Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.55 - ) EPSON BX620FWD Series Printer Uninstall (HKLM\...\EPSON BX620FWD Series) (Version: - SEIKO EPSON Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.1.1 - SEIKO EPSON CORPORATION) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) G*Power 3.1.9.2 (HKLM-x32\...\{F9C59D86-6F65-4EDB-89A2-FBA1F78762D2}) (Version: 3.1.92 - Franz Faul, Uni Kiel, Germany) Git version 1.9.5-preview20150319 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community) Google Apps Migration For Microsoft Outlook® 3.4.27.52 (HKLM-x32\...\{65960C6E-BFA2-4FE7-A1BC-8028F3072566}) (Version: 3.4.27.52 - Google, Inc.) Google Apps Sync™ for Microsoft Outlook® 3.7.410.1100 (HKLM-x32\...\{799A7E2B-388F-4BDE-B55B-47AF42C6440A}) (Version: 3.7.410.1100 - Google, Inc.) Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) 
Hidden Hema Fotoalbum (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\{83EF9202-135C-4AFC-A083-DE9D09C6BC46}_is1) (Version: - Hema) IBM SPSS Statistics 20 (HKLM\...\{2AF8017B-E503-408F-AACE-8A335452CAD2}) (Version: 20.0.0.0 - IBM Corp) inSSIDer 3 (HKLM-x32\...\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}) (Version: 3.0.7.48 - MetaGeek, LLC) Integrated Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.7.31 - SunplusIT) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3359 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.9.254 - Intel Corporation) Intel(R) WiDi (HKLM\...\{728985C5-A04B-457C-9D62-15360F3EAF85}) (Version: 3.1.29.0 - Intel Corporation) Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Intel® PROSet/Wireless Software (HKLM-x32\...\{9bffdf20-c3a3-4e93-9cbf-61712c6a38be}) (Version: 17.13.2 - Intel Corporation) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.3.0.118 - IObit) JabRef 2.10 (HKLM-x32\...\JabRef 2.10) (Version: 2.10 - JabRef Team) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden Lenovo Anzeige am Bildschirm 
(HKLM\...\OnScreenDisplay) (Version: 8.72.10 - Lenovo) Lenovo App Shop (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 44154 - Intel) Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.13 - ) Lenovo Mobile Broadband Activation (HKLM-x32\...\{A95D9DF7-CF34-421A-A1DC-936A49A4DAEA}) (Version: 4.2.1003.00 - Lenovo Group Limited) Lenovo Patch Utility (HKLM-x32\...\{6E6E7725-C7BC-4C39-8B3F-14B67331A120}) (Version: 1.3.0.9 - Lenovo Group Limited) Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited) Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Peer Connect SDK (HKLM\...\{75C87855-9CBB-4892-B1A9-74C73A19CACA}_is1) (Version: 1.0.0.1 - Lenovo) Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.04 - ) Lenovo QuickControl (HKLM-x32\...\{4855C42F-5197-4AAD-A50D-5066D2CC4647}) (Version: 2.00 - Lenovo Group Limited) Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.) 
Lenovo Solution Center (HKLM\...\{E92E1FF1-B188-43FE-BECA-2248E227E67D}) (Version: 2.8.005.00 - Lenovo Group Limited) Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0008 - Lenovo) Lenovo USB 2.0 Ethernet Adapter (HKLM-x32\...\{29584513-DC7F-4EB9-8654-7C541DF0DDCE}) (Version: 1.11 - Lenovo) Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited) Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo) Lenovo Welcome (HKLM-x32\...\{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}) (Version: 3.1.0021.00 - Lenovo Group Limited) Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Master of Orion 2 (HKLM-x32\...\1207661633_is1) (Version: 2.1.0.18 - GOG.com) Mendeley Desktop 1.11 (HKLM-x32\...\Mendeley Desktop) (Version: 1.11 - Mendeley Ltd.) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Proofing Tools 2013 - Nederlands (HKLM\...\{90150000-001F-0413-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Office Proofing Tools 2013 - Nederlands (HKLM-x32\...\{90150000-001F-0413-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 
9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org) Mobile Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 7.2.5.4 - Ericsson AB) Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 
41.0.2.5765 - Mozilla) Mplus Version 7.3 Demo (64-bit) (HKLM\...\{BA273660-8C9F-4835-A906-3B5686BE7AB4}) (Version: 7.3.0 - Muthen & Muthen) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger) Nitro Pro 7 (HKLM\...\{36710189-55DF-4D75-8B6A-523CC61B7047}) (Version: 7.4.1.4 - Nitro PDF Software) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.3 - Notepad++ Team) Octoshape Streaming Services (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Octoshape Streaming Services) (Version: - Octoshape ApS) Opera Stable 32.0.1948.69 (HKLM-x32\...\Opera 32.0.1948.69) (Version: 32.0.1948.69 - Opera Software) PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PSE12 STI Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation) R for Windows 3.0.1 (HKLM\...\R for Windows 3.0.1_is1) (Version: 3.0.1 - R Core Team) R for Windows 3.0.3 (HKLM\...\R for Windows 3.0.3_is1) (Version: 3.0.3 - R Core Team) R for Windows 3.2.0 (HKLM\...\R for Windows 3.2.0_is1) (Version: 3.2.0 - R Core Team) RapidBoot Shield (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.23 - Lenovo) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7040 - Realtek Semiconductor Corp.) Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - ) RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH) RStudio (HKLM-x32\...\RStudio) (Version: 0.98.1103 - RStudio) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) 
Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.) Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 29.5.90191 - Sonos, Inc.) Spotify (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Spotify) (Version: 1.0.5.178.g885b099b - Spotify AB) SRWare Iron version SRWare Iron 40.2150.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 40.2150.0 - SRWare) Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit) TeXnicCenter Version 2.02 Stable (HKLM\...\TeXnicCenter_is1) (Version: 2.02 Stable - The TeXnicCenter Team) TeXstudio 2.6.2 (HKLM-x32\...\TeXstudio_is1) (Version: 2.6.2 - Benito van der Zander) ********Pad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4500 - Broadcom Corporation) ********Pad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.14 - ) ********Vantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.25.65 - Lenovo) ********Vantage Access Connections (HKLM-x32\...\{A62AEB2B-E2A0-4E77-8AAE-9645FE3B5487}) (Version: 5.95 - Lenovo) ********Vantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.0.44.0 - Lenovo) ********Vantage Fingerprint Software (HKLM\...\{F58DA859-016E-492D-A588-317D9BB28002}) (Version: 5.9.9.7282 - Authentec Inc.) 
********Vantage GPS (HKLM-x32\...\{6DB21B2C-2BEF-44B4-B264-8EC2BC2369C6}) (Version: 2.81 - Lenovo) VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.5.13 - VeriSign) Widevine Media Optimizer Chrome 6.0.0 (HKLM-x32\...\optimizer_chrome) (Version: 6.0.0.12442 - Widevine Technologies) Widevine Media Optimizer Chrome 6.0.0 (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\optimizer_chrome) (Version: 6.0.0.12442 - Widevine Technologies) Widevine Media Optimizer IE 6.0.0 (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\optimizer_ie) (Version: 6.0.0.12757 - Widevine Technologies) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows-Treiberpaket - Intel (ISCT) System (08/23/2011 1.0.5.0) (HKLM\...\8D1FA6162A87496A05284A0C76A3B76705965B62) (Version: 08/23/2011 1.0.5.0 - Intel) Windows-Treiberpaket - Intel System (01/11/2012 9.3.0.1020) (HKLM\...\09839A9B5EDA69DA2DCC34637B5140AAF8A53B44) (Version: 01/11/2012 9.3.0.1020 - Intel) Windows-Treiberpaket - Intel System (08/26/2011 9.3.0.1011) (HKLM\...\9D7CD466F7FC8B18FF1B84943B7BB8648D17FCE8) (Version: 08/26/2011 9.3.0.1011 - Intel) Windows-Treiberpaket - Intel System (08/26/2011 9.3.0.1011) (HKLM\...\D8EF6CACF49BD33CC1FACD124C8CC2B1A8E8AE35) (Version: 08/26/2011 9.3.0.1011 - Intel) Windows-Treiberpaket - Intel USB (08/26/2011 9.3.0.1011) (HKLM\...\97EE1802A0385A37DE6323FA39EC76BEB2D73E41) (Version: 08/26/2011 9.3.0.1011 - Intel) Windows-Treiberpaket - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20) (HKLM\...\E3535F123E7F666D573665142F90D3E5004DC326) (Version: 02/29/2012 1.65.05.20 - Lenovo) Windows-Treiberpaket - Synaptics (SmbDrv) System (07/05/2012 16.2.5.0) (HKLM\...\99334E0BAA64ED1D117794050F2AA7D3951D9A7D) (Version: 07/05/2012 16.2.5.0 - Synaptics) Windows-Treiberpaket - 
Synaptics (SynTP) Mouse (07/05/2012 16.2.5.0) (HKLM\...\0395D83D6A2C0E110509B9E80E9BC5F29238FA82) (Version: 07/05/2012 16.2.5.0 - Synaptics) Zotero Standalone 4.0.23 (x86 en-US) (HKLM-x32\...\Zotero Standalone 4.0.23 (x86 en-US)) (Version: 4.0.23 - Zotero) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\********\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel) CustomCLSID: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel) CustomCLSID: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll () ==================== Wiederherstellungspunkte ========================= 15-10-2015 00:53:36 Geplanter Prüfpunkt 16-10-2015 13:18:57 ComboFix created restore point 17-10-2015 15:36:26 JRT Pre-Junkware Removal ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 
2009-07-14 04:34 - 2015-10-16 13:47 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {05C78976-EF75-4798-8EDF-5F59FD4E9D1D} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-08-17] (Lenovo) Task: {11257F63-5297-4886-AFC6-2211F6C9B8A3} - System32\Tasks\{AD1218B3-DC59-4081-8A45-2014706A72CC} => pcalua.exe -a "C:\Users\********\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4EH50OQF\AVM_FRITZ!WLAN_Repeater_310_Assistent.exe" -d C:\Users\********\Desktop Task: {16D76F82-AC80-4041-BCAC-6798F30CD84B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA => C:\Users\********\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {23E62AD8-63C7-49C4-8D88-568E37D12038} - System32\Tasks\{E661EA14-4831-4DC9-BA24-1F58FD3A9520} => C:\Users\********\Downloads\alfatest.exe [2015-05-12] () Task: {3A398B3D-4A65-49EB-B38D-0A09895A2250} - System32\Tasks\Opera scheduled Autoupdate 1420761345 => C:\Program Files (x86)\Opera\launcher.exe [2015-09-25] (Opera Software) Task: {4D921DAC-9A08-4581-852D-45C2A781DF67} - System32\Tasks\AdobeAAMUpdater-1.0-********-******** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated) Task: {4ED24D9E-64F9-4EFD-8D62-2A46AB7FD6F4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core => C:\Users\********\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) 
Task: {5101C02D-4ACA-41E8-A6F5-210953BD81F2} - System32\Tasks\{9F4FBCB7-441F-4042-8998-402A08F71CD7} => C:\Users\********\Downloads\alfatest.exe [2015-05-12] () Task: {51527F61-8136-4602-9BBD-7F6A3386DE9E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-16] (Adobe Systems Incorporated) Task: {516DE39E-4BC8-46DC-98B3-4E384F30F3C3} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA => C:\Users\********\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.) Task: {544E4E1D-B75D-4BB3-A0C9-D1FF08669CC2} - System32\Tasks\{96C4092B-3E36-4FFF-A252-679948D94E24} => C:\Users\********\Downloads\alfatest.exe [2015-05-12] () Task: {7919D72C-61BF-4D32-B4B1-611567EE8130} - System32\Tasks\ASC8_SkipUac_******** => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-08-13] (IObit) Task: {7A94AD62-0252-460D-9461-2AECDE893A62} - System32\Tasks\{B5103088-5AA1-4ED1-B052-EE1CD81AA67F} => C:\Users\********\Downloads\alfatest.exe [2015-05-12] () Task: {7ED977C3-E5A3-4DF8-A891-8CAC05FDC42C} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-17] () Task: {81950FA3-3AF2-4847-B96B-94549F81FE8A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {87B99F39-997D-4779-8463-8CD302544AD5} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2015-08-12] (IObit) Task: {8B1A1E8D-C0C0-4103-A1F3-3F622D197ACF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core => C:\Users\********\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.) 
Task: {8BA7A521-2EDE-4A9A-A6C4-3A2B99F3C353} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-08-17] (Lenovo) Task: {A0C547F0-617C-40D8-9079-033C06E2AFA0} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-17] () Task: {A66A4169-D399-41CB-8193-6621E49CB98E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {A8050360-68AF-4FC6-8093-7F999F66E86E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated) Task: {A9A553D2-A554-44FC-95C8-5FA6297B2471} - System32\Tasks\{396E50AE-0DBA-4615-A96F-CFE4DC2D9EF1} => C:\Users\********\Downloads\alfatest.exe [2015-05-12] () Task: {ACA06C7F-29C4-4B82-9EE4-5D7963A33E65} - System32\Tasks\{7389CD34-2D3B-4788-99E0-2FA2C4B12C48} => C:\Users\********\Downloads\alfatest.exe [2015-05-12] () Task: {CE9FB232-A20A-4B40-BDDE-6185834DBC42} - System32\Tasks\{1D30A00C-6ED6-4D93-B8A1-4E559F3B335B} => C:\Users\********\Downloads\alfatest.exe [2015-05-12] () Task: {D2A57E6F-F90F-4E0A-8870-20C421B5B0C3} - System32\Tasks\{BC072FDB-9C95-45AD-8328-17D7B8A4868E} => C:\Users\********\Downloads\alfatest.exe [2015-05-12] () Task: {D62E9411-106C-4EE9-B21A-52615D62B885} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-09-10] () Task: {D63B89A4-B7CE-47C3-9233-92909828A987} - System32\Tasks\{010A5FF7-A151-4825-B0EA-879607C5D583} => C:\Users\********\Downloads\alfatest.exe [2015-05-12] () Task: {D7CDE812-B353-455D-8286-DE0FC7CFEE28} - System32\Tasks\{D82A1DC1-78A4-4231-BB44-53D94432F129} => C:\Users\********\Downloads\alfatest.exe [2015-05-12] () Task: {DE225219-FCE1-4AFF-8337-76007213F971} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => 
C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-08-17] (Lenovo) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core.job => C:\Users\********\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA.job => C:\Users\********\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core.job => C:\Users\********\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA.job => C:\Users\********\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll 2013-06-27 10:41 - 2013-05-13 15:15 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2013-06-05 00:36 - 2011-07-13 10:10 - 00065576 ____R () C:\Program Files (x86)\Mobile Broadband drivers\WMCore\MBMDebug.dll 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 
2015-10-01 14:18 - 2015-10-01 14:17 - 59639416 _____ () C:\Program Files (x86)\Opera\32.0.1948.69\opera.dll 2015-10-01 14:18 - 2015-10-01 14:17 - 01881208 _____ () C:\Program Files (x86)\Opera\32.0.1948.69\libglesv2.dll 2015-10-01 14:18 - 2015-10-01 14:17 - 00081528 _____ () C:\Program Files (x86)\Opera\32.0.1948.69\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\hola.org -> hxxp://hola.org IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\1001movie.com -> 1001movie.com IE restricted site: 
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\100sexlinks.com -> 100sexlinks.com Da befinden sich 4788 mehr eingeschränkte Seiten. ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\********\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 62.179.104.196 - 213.46.228.196 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\startupreg: AcWin7Hlpr => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized MSCONFIG\startupreg: Google Update => "C:\Users\********\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: Integrated Camera_Monitor => C:\Program Files (x86)\Integrated Camera\monitor.exe MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe MSCONFIG\startupreg: LENOVO.TPKNRRES => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe MSCONFIG\startupreg: LenovoNal => C:\Program Files\Lenovo\Lenovo Peer Connect\NalService.exe 
MSCONFIG\startupreg: Octoshape Streaming Services => "C:\Users\********\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe MSCONFIG\startupreg: PWMTRV => rundll32 C:\PROGRA~2\********Pad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\********\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{2B063FA6-477F-48FA-9D1E-3BDBBDEB2DE6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{EDD477BC-C5F1-4E0C-AD2F-EAB87CBE2016}] => (Allow) LPort=2869 FirewallRules: [{03D5C4C4-1599-4012-AD49-5002A9EA33DD}] => (Allow) LPort=1900 FirewallRules: [{34A60A08-403E-4FD9-86AE-64718FB480EF}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{EF5C29A3-17C3-46AC-91A1-F104C6D38372}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{7BA793EC-F5F6-4071-992C-E69FEA754B68}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{44D10574-CC59-4D88-A295-485DA2832F38}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{F6FD2F10-D1DB-47D9-8902-2643C5E69F79}] => (Allow) C:\Users\********\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{36428086-0079-4F5C-BAA1-ADC33A93C5A4}] => (Allow) C:\Users\********\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: 
[{0E310144-12A2-4304-B85D-67C0B79B1E3E}] => (Allow) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe FirewallRules: [{EF0AF0CC-7E9B-400C-AF5B-4BEA2C18386F}] => (Allow) C:\Program Files (x86)\Opera\opera.exe FirewallRules: [{658B0361-312C-421C-8ECA-CA0C1E879717}] => (Allow) C:\Program Files (x86)\Opera\opera.exe FirewallRules: [{22E03A7D-DA2D-4C2A-ABF2-8C8A40C6CFF1}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Config V4\ENConfig.exe FirewallRules: [{C7DB25E6-D90E-4F4A-A745-29D1622204C1}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Config V4\ENConfig.exe FirewallRules: [{31E76C7C-500A-4CEB-87E3-8D6FC0AAA2C6}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe FirewallRules: [{8A54E9FF-9370-4F97-8091-2422BEA75318}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe FirewallRules: [TCP Query User{5837FA49-EC04-4CE2-A17F-5469621E5F70}C:\users\********\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\********\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{C81CF274-8D28-4900-94C1-2F1891831C07}C:\users\********\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\********\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{E3EF79E9-FE81-445C-9358-86918EBEBB9E}C:\users\********\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\********\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{1C160363-0105-456F-B3D6-8A10B374F511}C:\users\********\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\********\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{E2ECEC31-40B6-4B15-B912-4E7378DF0193}C:\users\********\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\********\appdata\local\hola\firefox\app\hola_plugin.exe FirewallRules: [UDP Query User{4CA88648-4EDA-4AF1-95D5-B3B155D7CCFB}C:\users\********\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) 
C:\users\********\appdata\local\hola\firefox\app\hola_plugin.exe FirewallRules: [{575915FC-4116-470F-8057-4C9DFAC272F6}] => (Allow) C:\Program Files (x86)\Sonos\Sonos.exe FirewallRules: [{AE4AA11B-7BE4-4429-9D7B-BCF8EC179EC1}] => (Allow) C:\Program Files (x86)\Sonos\Sonos.exe FirewallRules: [{522142AE-B1C9-423A-B3CD-8ED4EA0DBE7A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{6844444C-9084-4822-A681-A85969309E62}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8CE040F5-BCF4-4718-86D9-4A0CA9DFC42F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{BE349F73-BC47-44F6-B11F-6728B3C5D0FB}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe FirewallRules: [{F2F6FD46-5300-4873-9FA8-FE44688B1D4E}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Lenovo Connect Device 1.0 Description: Lenovo Connect Device 1.0 Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (10/17/2015 03:33:37 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/16/2015 01:46:21 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CAMService.exe, Version: 1.0.0.1, Zeitstempel: 0x54077d08 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18939, Zeitstempel: 0x55b02e88 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000004ac04 ID des fehlerhaften Prozesses: 0x948 Startzeit der fehlerhaften Anwendung: 0xCAMService.exe0 Pfad der fehlerhaften Anwendung: CAMService.exe1 Pfad des fehlerhaften Moduls: CAMService.exe2 Berichtskennung: CAMService.exe3 Error: (10/16/2015 01:45:53 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/16/2015 01:13:41 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (10/16/2015 01:13:41 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (10/16/2015 01:13:41 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. 
Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (10/16/2015 01:13:41 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=23, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0 Error: (10/16/2015 01:13:41 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=21, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0 Error: (10/16/2015 01:13:41 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=18, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0 Error: (10/16/2015 01:13:21 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CAMService.exe, Version: 1.0.0.1, Zeitstempel: 0x54077d08 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18939, Zeitstempel: 0x55b02e88 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000004ac04 ID des fehlerhaften Prozesses: 0x958 Startzeit der fehlerhaften Anwendung: 0xCAMService.exe0 Pfad der fehlerhaften Anwendung: CAMService.exe1 Pfad des fehlerhaften Moduls: CAMService.exe2 Berichtskennung: CAMService.exe3 Systemfehler: ============= Error: (10/17/2015 03:37:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "VIPAppService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (10/17/2015 03:37:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (10/17/2015 03:37:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/17/2015 03:37:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Adobe Active File Monitor V12" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (10/17/2015 03:37:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/17/2015 03:37:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/17/2015 03:37:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Integrated Clock Controller Service - Intel(R) ICCS" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (10/17/2015 03:37:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Lenovo QuickControl Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (10/17/2015 03:37:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. 
Error: (10/17/2015 03:37:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Lenovo Hotkey Client Loader" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. CodeIntegrity: =================================== Date: 2015-10-17 14:23:05.302 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-17 12:57:53.254 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-16 20:40:11.658 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-16 20:40:08.848 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-16 13:31:34.170 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-10-16 13:31:34.119 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-10-16 13:31:34.066 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-10-16 13:31:34.017 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-10-15 22:49:08.428 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-15 22:48:51.804 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-3667U CPU @ 2.00GHz Prozentuale Nutzung des RAM: 40% Installierter physikalischer RAM: 7888.9 MB Verfügbarer physikalischer RAM: 4705.54 MB Summe virtueller Speicher: 15776 MB Verfügbarer virtueller Speicher: 12437.5 MB ==================== Laufwerke ================================ Drive c: (Windows7_OS) (Fixed) (Total:200.43 GB) (Free:37.45 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive q: (Lenovo_Recovery) (Fixed) (Total:13.67 GB) (Free:3.23 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 223.6 GB) (Disk ID: B605DD09) Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=200.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=8 GB) - (Type=84) ==================== Ende von Addition.txt ============================ |
18.10.2015, 06:27 | #14 |
/// the machine /// TB instructor | Suspicious behavior on Win7 PC, slow, and an unambiguous text message
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
18.10.2015, 15:28 | #15 |
| Suspicious behavior on Win7 PC, slow, and an unambiguous text message Hello, next round: Code:
ATTFilter <ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=695e637be04d514a81cadbe32fd4561e # engine=15557 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2013-10-20 11:24:30 # local_time=2013-10-21 01:24:30 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1286 16777214 100 98 129717 37081392 0 0 # compatibility_mode=5893 16776573 100 94 129484 133941320 0 0 # scanned=340790 # found=0 # cleaned=0 # scan_time=4458 ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=695e637be04d514a81cadbe32fd4561e # engine=20202 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-09-17 09:22:30 # local_time=2014-09-17 11:22:30 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Kaspersky Internet Security' # compatibility_mode=1292 16777214 100 100 91973 42463372 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 45980 162618800 0 0 # scanned=488814 # found=1 # cleaned=0 # scan_time=5726 sh=61897FE467FE567D4E93C0E87AF1899DB5416CA2 ft=1 fh=2b4e98822df8a714 vn="Variante von Win64/Systweak.A evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir" ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=695e637be04d514a81cadbe32fd4561e # end=init # utc_time=2015-10-18 10:10:12 # local_time=2015-10-18 12:10:12 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 Update Init Update Download Update Finalize Updated modules version: 26288 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=695e637be04d514a81cadbe32fd4561e # end=updated # utc_time=2015-10-18 10:12:36 # local_time=2015-10-18 12:12:36 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=695e637be04d514a81cadbe32fd4561e # engine=26288 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-10-18 12:23:04 # local_time=2015-10-18 02:23:04 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 82189 196800834 0 0 # scanned=631936 # found=1 # cleaned=0 # scan_time=7827 sh=61897FE467FE567D4E93C0E87AF1899DB5416CA2 ft=1 fh=2b4e98822df8a714 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir" Code:
Results of screen317's Security Check version 1.009
 Windows 7 Service Pack 1 x64 (UAC is enabled)
 Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Kaspersky Internet Security
 Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
 Java 8 Update 45
 Java version 32-bit out of Date!
 Adobe Flash Player 19.0.0.226
 Adobe Reader XI
 Mozilla Firefox (41.0.2)
````````Process Check: objlist.exe by Laurent````````
 ESET ESET Online Scanner OnlineScannerApp.exe
 Kaspersky Lab Kaspersky Internet Security 16.0.0 avp.exe
 Kaspersky Lab Kaspersky Internet Security 16.0.0 avpui.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
|